Tag Palo Alto Networks

Coinbase Targeted in GitHub Actions Supply Chain Attack; Secrets Exposed from 218 Repositories’ CI/CD Pipelines

Supply Chain Attack Targets GitHub Action, Compromising Sensitive Data A recent supply chain attack has raised significant cybersecurity concerns, particularly for businesses relying on open-source projects. This incident originated from the GitHub Action “tj-actions/changed-files,” which was initially directed at one of Coinbase’s open-source initiatives but subsequently expanded in scale. According…

Read MoreCoinbase Targeted in GitHub Actions Supply Chain Attack; Secrets Exposed from 218 Repositories’ CI/CD Pipelines

⚡ THN Weekly Highlights: GitHub Supply Chain Attack, AI Malware, BYOVD Strategies, and More

Recent advancements in open-source tools have inadvertently contributed to a significant supply chain breach, originating from a focused attack that swiftly expanded, compromising sensitive information across multiple projects. This breach highlights how a manipulated GitHub Action, designed to analyze changed files, evolved from targeting specific projects like Coinbase into a…

Read More⚡ THN Weekly Highlights: GitHub Supply Chain Attack, AI Malware, BYOVD Strategies, and More

Hackers Leverage AWS Misconfigurations to Execute Phishing Attacks Using SES and WorkMail

Amazon Web Services Targeted in Phishing Campaigns by Threat Group TGR-UNK-0011 Recent investigations by Palo Alto Networks’ Unit 42 have unveiled alarming activities targeting Amazon Web Services (AWS). The threat group known as TGR-UNK-0011, which has been active since 2019, is leveraging misconfigurations within AWS environments to execute sophisticated phishing…

Read MoreHackers Leverage AWS Misconfigurations to Execute Phishing Attacks Using SES and WorkMail

China-Linked Silk Typhoon Broadens Cyber Attacks to Target IT Supply Chains for Initial Access

The group known as Silk Typhoon—previously referred to as Hafnium—has shifted its focus from exploiting vulnerabilities in Microsoft Exchange servers to targeting the information technology (IT) supply chain. This change in strategy aims to gain initial access to corporate networks, according to the Microsoft Threat Intelligence team’s recent report. Silk…

Read MoreChina-Linked Silk Typhoon Broadens Cyber Attacks to Target IT Supply Chains for Initial Access

Salesloft Drift Hack Targets Tenable and Qualys Users

Identity & Access Management, Security Operations Salesloft Reports GitHub Repository Compromised by Cyber Attackers Greg Sirico • September 8, 2025 Image: Shutterstock Salesloft has confirmed that hackers gained unauthorized access to its GitHub repository, leading to a significant breach affecting several companies, including cybersecurity firms Tenable and Qualys. This incident…

Read MoreSalesloft Drift Hack Targets Tenable and Qualys Users

⚡ THN Weekly Recap: Fresh Assaults, Timeless Tactics, Greater Consequences

In an era where cyber threats are not merely evolving but rapidly mutating, the cybersecurity landscape continues to challenge defenses across various sectors, from global financial frameworks to vital infrastructure. With the advent of sophisticated cybercrime, ranging from state-sponsored espionage to ransomware attacks leveraging artificial intelligence, pressing questions arise about…

Read More⚡ THN Weekly Recap: Fresh Assaults, Timeless Tactics, Greater Consequences

Salesloft Drift Breach Linked to GitHub Security Breach and Compromised OAuth Tokens

Recent data breaches have raised concerns about security within popular applications, particularly the use of the Salesloft Drift application to compromise Salesforce data. In an important update, Salesloft has reported that the security incident has been addressed, with containment measures and customer protections now in effect. To investigate the breach,…

Read MoreSalesloft Drift Breach Linked to GitHub Security Breach and Compromised OAuth Tokens