The compromise of GitHub Action tj-actions/changed-files has impacted only a small percentage of the 23,000 projects using it ...

Open source software used by more than 23,000 organizations, some of them in large enterprises, was compromised with ...

How to avoid another SolarWinds, Log4j, and XZ Utils situation Organizations concerned about software supply chain attacks ...

CISA confirms cascading attack from reviewdog to tj-actions exposed sensitive credentials across 23,000+ repositories.

A compromise of the popular GitHub Actions tool turned into a massive supply chain attack, at this point thought to be ...

A security researcher has discovered that the websites of over 100 car dealerships have been compromised in a supply-chain ...

The global supply chain is the backbone of the world’s economy. From suppliers and manufacturers to transporters, retailers, ...

A cascading supply chain attack that began with the compromise of the "reviewdog/action-setup@v1" GitHub Action is believed ...

GitHub Action tj-actions/changed-files was compromised, leaking CI/CD secrets. Users must update immediately to prevent ...

CISA warns of CVE-2025-30066, a GitHub supply chain attack exposing secrets via compromised actions logs. Update ...

Security researchers are warning of a supply chain attack against tj-actions/changed-files GitHub Action, which is used in ...

Join this virtual event as we explore of the critical nature of software and vendor supply chain security issues.