Supply Chain Attack Targets Coinbase and GitHub Users via SpotBugs Token Theft


Tags: Supply Chain Attacks, GitHub, Token Theft, Open Source

A supply chain attack that initially targeted Coinbase, and later expanded to users of the GitHub Action "tj-actions/changed-files", has been traced back to the theft of a personal access token (PAT) linked to SpotBugs. The attackers gained initial access by exploiting the GitHub Actions workflow of SpotBugs, a popular open-source tool. From that foothold they compromised further GitHub repositories and targeted users of the "tj-actions/changed-files" Action.
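As an added defensive example, not code from the original article or from the SpotBugs or tj-actions projects, the script below scans a GitHub Actions workflow for `uses:` references that resolve through a mutable tag or branch instead of a full 40-character commit SHA. The generalization goes beyond what the article states: when a maintainer token is stolen, tags on the affected action can be retargeted, so a workflow pinned to an immutable commit SHA is not silently moved to the attacker's code. The workflow text, the version labels and the SHA are constructed for illustration.

```python
import re

# Constructed sample workflow (not from the original article). It mixes tag
# references, a SHA-pinned action, a local action and a container image.
# The SHA below is a placeholder, not a real commit.
SAMPLE_WORKFLOW = """\
name: ci
on: [pull_request]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: tj-actions/changed-files@v45
      - uses: actions/setup-java@0123456789abcdef0123456789abcdef01234567 # placeholder SHA
      - uses: ./.github/actions/local-step
      - uses: docker://alpine:3.19
      - run: ./gradlew build
"""

# Matches the reference on a `uses:` line, stopping at whitespace or a comment.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)", re.MULTILINE)
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def parse_uses(workflow_text):
    """Return every `uses:` reference in the workflow, in file order."""
    return USES_RE.findall(workflow_text)


def classify_ref(ref):
    """Classify one `uses:` reference.

    'local'   - an in-repository action path (./...), versioned with the repo
    'docker'  - a container image reference, outside this check's scope
    'pinned'  - the part after '@' is a full 40-hex commit SHA
    'mutable' - a tag, branch, or no ref at all (defaults to the default branch)
    """
    if ref.startswith("./"):
        return "local"
    if ref.startswith("docker://"):
        return "docker"
    if "@" not in ref:
        return "mutable"
    _, _, version = ref.rpartition("@")
    return "pinned" if FULL_SHA_RE.match(version) else "mutable"


def find_unpinned(workflow_text):
    """Return the references that a retargeted tag or branch could redirect."""
    return [r for r in parse_uses(workflow_text) if classify_ref(r) == "mutable"]


if __name__ == "__main__":
    for ref in parse_uses(SAMPLE_WORKFLOW):
        print(f"{classify_ref(ref):8} {ref}")
    print("unpinned:", find_unpinned(SAMPLE_WORKFLOW))
```

Run it against each file under `.github/workflows/` in CI; a non-empty `find_unpinned` result is the signal to replace the tag with the commit SHA it currently resolves to and keep the tag in a trailing comment for readability.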