Researchers have identified Coinbase as the main target in a GitHub Actions supply chain attack that exposed secrets in hundreds of repositories.
According to reports from Palo Alto Unit 42 and Wiz, the attack was carefully planned and began when hackers injected malicious code into the reviewdog/action-setup@v1 GitHub Action. While it remains unclear how the breach occurred, the altered action was designed to dump CI/CD secrets and authentication tokens into GitHub Actions logs.
The breach unfolded in multiple stages. When the tj-actions/eslint-changed-files GitHub Action triggered the compromised reviewdog action, sensitive data was exposed in workflow logs. This allowed attackers to steal a Personal Access Token, which they then used to push a malicious commit to the tj-actions/changed-files GitHub Action—once again capturing CI/CD secrets.
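Both compromised actions above were referenced by mutable tags (for example `reviewdog/action-setup@v1`), which an attacker who controls the repository can retarget. As an added example not from the original report, the following script audits a workflow file for `uses:` references that are not pinned to a full commit SHA and flags the actions named in this incident; the sample workflow and the watchlist are constructed for illustration.

```python
import re

# Constructed watchlist: the actions named in the incident described above.
INCIDENT_ACTIONS = {
    "reviewdog/action-setup",
    "tj-actions/eslint-changed-files",
    "tj-actions/changed-files",
}

# Matches `uses: owner/repo[/path]@ref` on a step, with or without a leading dash.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^\s'\"#]+)", re.MULTILINE)
# A reference is considered pinned only if it is a full 40-hex-digit commit SHA;
# unlike a tag or branch, a SHA cannot be silently retargeted to new code.
SHA_RE = re.compile(r"^[0-9a-f]{40}$")

def audit_workflow(yaml_text):
    """Return (action, ref, issues) for every remote action a workflow uses."""
    findings = []
    for match in USES_RE.finditer(yaml_text):
        spec = match.group(1)
        if spec.startswith("./") or spec.startswith("docker://"):
            continue  # local and container actions are out of scope here
        action, _, ref = spec.partition("@")
        issues = []
        if not SHA_RE.match(ref):
            issues.append("mutable-ref")
        if action in INCIDENT_ACTIONS:
            issues.append("incident-action")
        findings.append((action, ref, issues))
    return findings

# Constructed sample workflow; the checkout SHA below is a placeholder, not a real commit.
SAMPLE_WORKFLOW = """\
name: ci
on: [pull_request]
jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567
      - uses: tj-actions/changed-files@v45
      - name: setup reviewdog
        uses: reviewdog/action-setup@v1
"""

if __name__ == "__main__":
    for action, ref, issues in audit_workflow(SAMPLE_WORKFLOW):
        print(f"{action}@{ref}: {', '.join(issues) or 'ok'}")
```

This only inspects a repository's own workflow files; as the incident shows, an action can pull in another action transitively, so SHA-pinning in your workflows must be paired with review of what the pinned actions themselves depend on.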
Coinbase’s Repository Was Directly Targeted
The attack specifically aimed at Coinbase’s coinbase/agentkit repository, a widely used framework that helps AI agents interact with blockchains. Once the changed-files action ran within Coinbase’s agentkit workflow, the attackers were able to steal tokens with write access to the repository.
However, Coinbase confirmed that the attack did not cause any harm to its projects.
“The attack was unsuccessful at causing any damage to the agentkit project or any other Coinbase asset,” Palo Alto Unit 42 reported after discussions with Coinbase.
The Attack Expanded to More Projects
After the initial attempt against Coinbase failed, the attackers widened the attack to all projects using tj-actions/changed-files. While the changed-files action was used by over 23,000 projects, the breach ultimately affected only 218 repositories.
Bijay Pokharel