Cyber Mornings Daily
Cyber Mornings Daily is your go-to daily podcast for the latest cybersecurity news, trends, and insights, delivered by AI. Each episode delivers a concise and informative breakdown of the most pressing cyber threats, vulnerabilities, and breaches.
RSS iTunes YouTube Spotify Amazon MusicI see you found this webpage. Welcome to my little AI project. All audio and album art are generated with AI tools from Google. Generation is performed with a combination of Gemini for text and images, and NotebookLM for the audio portion.
March 24th, 2025
2025-03-24
Crypto GitHub, Mixer Sanctions, & Veeam Bugs
A recent GitHub Actions supply chain attack primarily targeted Coinbase, a cryptocurrency exchange. The attack involved injecting malicious code into the `reviewdog/action-setup@v1` GitHub Action, which led to the dumping of CI/CD secrets and authentication tokens in GitHub Actions logs. Threat actors then used a stolen Personal Access Token to push a malicious commit to another GitHub Action, `tj-actions/changed-files`, again dumping secrets. Although this malicious commit specifically targeted Coinbase projects, including their `coinbase/agent kit`, and attackers gained write access to the repository, Coinbase reported that the attack was ultimately unsuccessful and did not impact their assets. While 23,000 projects used the compromised action, only 218 repositories were affected.
DownloadFiletype: WAV - Size: 41 MB - Duration: 14:24m (384 kbps 24000 Hz)
Powered by Podcast Generator, an open source podcast publishing solution | Theme based on Bootstrap