
SlowMist: Coinbase has suffered a supply chain attack on its GitHub Actions CI/CD mechanism; companies are advised to self-check related risks

2025-03-23 16:07:55

ChainCatcher message: SlowMist's Cosine posted on X that a supply chain attack on Coinbase was carried out using the GitHub Actions CI/CD mechanism. Fortunately, it did not continue successfully; otherwise, the next security incident to be exposed would have been Coinbase's. The supply chain attack path on GitHub: reviewdog/action-setup -> tj-actions/changed-files -> coinbase/agentkit -> theft of GitHub Personal Access Tokens (PATs), cloud service keys, etc. Cosine suggests that companies using reviewdog or tj-actions conduct a self-check.
