Coinbase Initially Targeted in GitHub Supply Chain Attack

CYBER SYRUP
Delivering the sweetest insights on cybersecurity.

A sophisticated supply chain attack has compromised multiple GitHub repositories by exploiting popular GitHub Actions. What began as a highly targeted attack on Coinbase’s open-source project evolved into a broader campaign that affected hundreds of repositories—highlighting the growing complexity of modern CI/CD security threats.

Initial Intrusion: Coinbase as the Target

The attack initially focused on Coinbase’s open-source project agentkit, aiming to exploit its continuous integration and deployment (CI/CD) workflows.

“The payload was focused on exploiting the public CI/CD flow of one of their open-source projects – agentkit – probably with the purpose of leveraging it for further compromises,” said researchers from Palo Alto Networks Unit 42.

Fortunately, the attacker did not gain access to Coinbase secrets or publish malicious packages, but the incident signaled a serious breach of trust in the broader GitHub ecosystem.

Discovery and CVE Details

The compromise was publicly identified on March 14, 2025, when it was found that the GitHub Action tj-actions/changed-files had been tampered with to leak sensitive secrets from any repository whose workflows used it. The issue was assigned CVE-2025-30066, with a high-severity CVSS score of 8.6.

According to Endor Labs, at least 218 GitHub repositories were impacted, with leaked secrets including:

  • DockerHub credentials

  • npm tokens

  • AWS credentials

  • GitHub install access tokens

Most exposed secrets were short-lived GITHUB_TOKENs that expire after workflow execution, limiting the long-term damage in many cases.

Dependency Chain Compromise: The Root Cause

The attack was made possible by a chained compromise of another GitHub Action, reviewdog/action-setup. That action is a dependency of tj-actions/eslint-changed-files, which in turn is used by tj-actions/changed-files.

This breach (tracked as CVE-2025-30154, CVSS 8.6) enabled attackers to:

  • Steal a Personal Access Token (PAT) from the tj-bot-actions account

  • Modify the tj-actions/changed-files repository

  • Insert malicious code affecting all dependent projects

Attack Techniques: Concealment and Persistence

The attackers used sophisticated techniques to conceal their activity:

  • Leveraged dangling commits, i.e. changes made in forked repositories and pushed via pull requests

  • Used disposable GitHub accounts

  • Obfuscated logs to avoid detection in CI/CD workflows

  • Swapped registration emails to hide GitHub activity from public view

One user involved in the compromise, identified by the handle iLrmKCu86tjwp8, had their activity hidden—possibly due to email manipulation violating GitHub’s policies.

Broader Impact and Forensic Findings

Further investigation revealed that two now-deleted accounts, 2ft2dKo28UazTZ and mmvojwip, created forks of other Coinbase repositories including onchainkit, agentkit, and x402.

These accounts:

  • Modified changelog.yml to point to the malicious version of tj-actions/changed-files

  • Used the compromised PAT to introduce unauthorized commits

  • Demonstrated different payloads depending on the attack target

“In the broader attack, the malware dumped the runner’s memory and logged secrets. In the targeted Coinbase attack, it specifically fetched the GITHUB_TOKEN and only executed if the repository belonged to Coinbase,” said Omer Gil of Unit 42.

Attacker Motives and Timeline

While the exact intentions remain unclear, the campaign is believed to be financially motivated—possibly targeting cryptocurrency theft through stolen credentials and access.

The switch from a stealthy, targeted campaign to a wider, more detectable assault may have been triggered by Coinbase mitigating the breach.

“After realizing they couldn’t compromise Coinbase and that detection was imminent, the attacker may have escalated to a widespread attack before losing access,” said Unit 42.

The wider attack began just 20 minutes after Coinbase’s defensive action, indicating a reactive and opportunistic threat actor.

GitHub's Response and Recommendations

GitHub has stated there is no evidence of compromise to its own systems. Instead, the impacted projects were user-maintained.

“Users should always review GitHub Actions and third-party packages before updating to new versions,” a GitHub spokesperson emphasized.

Lessons and Mitigation Strategies

This incident underscores the importance of:

  • Vetting third-party dependencies in CI/CD pipelines

  • Monitoring workflow logs for anomalies

  • Rotating access tokens and applying least-privilege principles

  • Implementing supply chain security tools to detect risky packages and actions
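The dependency chain described above worked because workflows referenced tj-actions/changed-files by a mutable tag, which the stolen PAT let the attacker repoint at malicious code; the mitigation list above comes down to pinning what you consume and scoping what GITHUB_TOKEN can do. The following audit script is an added example written for this article, not code from Cyber Syrup, Unit 42, GitHub or the tj-actions project. It checks workflow files for two of the weaknesses at issue: third-party actions referenced by tag or branch instead of a full commit SHA, and workflows with no `permissions:` block scoping GITHUB_TOKEN. The two workflow snippets it scans are constructed sample input, and the 40-hex commit SHAs in the hardened one are placeholders, not real commits; the `permissions:` check is a heuristic and does not parse the YAML fully.

```python
"""Audit GitHub Actions workflows for the weaknesses exploited via
tj-actions/changed-files: actions pulled by mutable tag/branch, and
GITHUB_TOKEN left at its default (often write-capable) permissions.

Added example for this article; not the project's or the researchers' code.
The WEAK_WORKFLOW / HARDENED_WORKFLOW strings are constructed sample input.
"""
import re
from dataclasses import dataclass, field

# `uses: owner/repo[/path]@ref`; local (./) and docker:// actions are skipped.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^\s'\"#]+)['\"]?", re.MULTILINE)
SHA_RE = re.compile(r"^[0-9a-f]{40}$")
# Heuristic: any `permissions:` key at top or job level counts as scoping the token.
PERMISSIONS_RE = re.compile(r"^\s*permissions:", re.MULTILINE)


@dataclass
class Finding:
    action: str
    ref: str
    reason: str


@dataclass
class AuditResult:
    unpinned: list = field(default_factory=list)
    default_token_permissions: bool = False

    def is_clean(self):
        return not self.unpinned and not self.default_token_permissions


def parse_uses(workflow_text):
    """Return (action, ref) pairs for every GitHub-hosted action the workflow uses."""
    pairs = []
    for m in USES_RE.finditer(workflow_text):
        spec = m.group(1)
        if spec.startswith(("./", "docker://")):
            continue  # not a GitHub-hosted ref, so tag-repointing does not apply
        action, _, ref = spec.partition("@")
        pairs.append((action, ref))
    return pairs


def audit_workflow(workflow_text):
    """Flag mutable action refs and missing GITHUB_TOKEN permission scoping."""
    result = AuditResult()
    for action, ref in parse_uses(workflow_text):
        if not ref:
            result.unpinned.append(Finding(action, ref, "no ref; resolves to the default branch"))
        elif not SHA_RE.match(ref):
            result.unpinned.append(Finding(action, ref, "mutable tag or branch; upstream can repoint it"))
    # Without a permissions block the job token inherits the repository default.
    if not PERMISSIONS_RE.search(workflow_text):
        result.default_token_permissions = True
    return result


# Constructed sample: tag-pinned actions, no permissions block (the pre-incident norm).
WEAK_WORKFLOW = """\
name: ci
on: [pull_request]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: tj-actions/changed-files@v1
      - run: echo "build"
"""

# Constructed sample: SHA-pinned actions (placeholder SHAs, not real commits)
# and a read-only GITHUB_TOKEN.
HARDENED_WORKFLOW = """\
name: ci
on: [pull_request]
permissions:
  contents: read
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567
      - uses: tj-actions/changed-files@89abcdef0123456789abcdef0123456789abcdef
      - run: echo "build"
"""


def report(name, workflow_text):
    res = audit_workflow(workflow_text)
    print(f"{name}: {'clean' if res.is_clean() else 'FINDINGS'}")
    for f in res.unpinned:
        print(f"  unpinned {f.action}@{f.ref or '<none>'}: {f.reason}")
    if res.default_token_permissions:
        print("  no permissions block: GITHUB_TOKEN uses repository default scope")
    return res


if __name__ == "__main__":
    report("weak", WEAK_WORKFLOW)
    report("hardened", HARDENED_WORKFLOW)
```

Run against a real checkout by reading each file under `.github/workflows/` and passing its contents to `audit_workflow`; a SHA pin only helps if you also review the pinned commit before updating it, which is the point of GitHub's advice above.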

While the attacker’s full strategy and objectives are still unfolding, this breach highlights the growing risk posed by open-source ecosystem dependencies in development pipelines.