Security News Recent GitHub supply chain attack traced to leaked SpotBugs token BleepingComputer Daniel Bender Apr 3, 2025 A cascading supply chain attack on GitHub that targeted Coinbase in March has now been traced back to a single token stolen from a SpotBugs workflow, which allowed a threat actor to compromise multiple GitHub projects.
