According to the cybersecurity firms analyzing the incident, the attacker initially tried to compromise the Coinbase ...

A cascading supply chain attack on GitHub that targeted Coinbase in March has now been traced back to a single token stolen from a SpotBugs workflow, which allowed a threat actor to compromise ...

Identity attacks were rampant in 2024 as attackers doubled down on identity-based TTPs. Prepare to defend your organization in 2025 by looking back at identity-based breaches in 2024. Get a free ...

The supply chain compromise of a widely used VoIP phone system vendor, 3CX, has led to attacks against numerous customers and prompted comparisons to some of the largest breaches in recent memory ...

A recent supply chain attack that compromised the popular tj-actions/changed-files GitHub action has left a trail of digital destruction, affecting 218 GitHub repositories. As investigators dig deeper ...

Of the many unanswered questions about the widely felt compromise, the impact on 3CX’s end customers will be a major one to watch, according to security researchers. Days after the supply chain ...

Gal Nagli, a security lead at cybersecurity firm Wiz, explained the compromise was from a “massive supply chain attack” on the Lottie Player library — a hugely popular service that provides ...

Open source software used by more than 23,000 organizations, some of them in large enterprises, was compromised with credential-stealing code after attackers gained unauthorized access to a ...

Communications app maker 3CX on Thursday acknowledged that its Windows VoIP app "includes a security issue" and has been the subject of a software supply chain attack, amid reports from ...

The threat actor behind the 3CX supply chain compromise appears to have been targeting cryptocurrency companies with the attack, according to findings from Kaspersky Lab released Monday.