Cyber News

CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise

CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a vulnerability linked to the supply chain compromise of the GitHub Action, tj-actions/changed-files, to its Known Exploited Vulnerabilities (KEV) catalog. The high-severity flaw, tracked as CVE-2025-30066 (CVSS score: 8.6), involves the breach of the GitHub Action to inject malicious code that enables a remote
Read More

Related Posts

No, you’re not fired – but beware of job termination scams

No, you’re not fired – but beware of job termination scams

How AI-driven identify fraud is causing havoc

How AI-driven identify fraud is causing havoc

Patch or perish: How organizations can master vulnerability management

Patch or perish: How organizations can master vulnerabi...

Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations

Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks ...

Gaming or gambling? Lifting the lid on in-game loot boxes

Gaming or gambling? Lifting the lid on in-game loot boxes

Neil Lawrence: What makes us unique in the age of AI | Starmus highlights

Neil Lawrence: What makes us unique in the age of AI | ...