Hawaii Cybersecurity Journal

"Coinbase initially targeted GitHub Actions Supply Chain." Views expressed in this cybersecurity, cyber crime, and cyber espionage update are those of the reporteres and correspondents.  Accessed on 23 March 2025, 2136 UTC. Content and Source:  https://thehackernews.com. Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net).   Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories' CI/CD Secrets Exposed  Mar 23, 2025   Supply Chain / Vulnerability The supply chain attack involving the GitHub Action "tj-actions/changed-files" started as a highly-targeted attack against one of Coinbase's open-source projects, before evolving into something more widespread in scope. "The payload was focused on exploiting the public CI/CD flow of one of their open source projects – agentkit, probably with the purpose of leveraging it for further compromi...

"FIN 7, FIN 8, and others use Ragnar Loader for persistent access to ransomware operations." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 08 March 2025, 2123 UTC. Content and Source:  https://thehackernews.com. Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net).   FIN7, FIN8, and Others Use Ragnar Loader for Persistent Access and Ransomware Operations  Mar 07, 2025 Threat hunters have shed light on a "sophisticated and evolving malware toolkit" called Ragnar Loader that's used by various cybercrime and ransomware groups like Ragnar Locker (aka Monstrous Mantis), FIN7, FIN8, and Ruthless Mantis (ex-REvil). "Ragnar Loader plays a key role in keeping access to compromised systems, helping attackers stay in networks for long-term operations," Swiss cybersecurity company PRODAFT said in a st...