https://www.bleepingcomputer.com/news/security/coinbase-was-primary-target-of-recent-github-actions-breaches/

Researchers have determined that Coinbase was the primary target in a recent GitHub Actions cascading supply chain attack that compromised secrets in hundreds of repositories.

According to new reports from Palo Alto Unit 42 and Wiz, the attack was carefully planned and began when malicious code was injected into reviewdog/action-setup@v1 GitHub Action. It is unclear how the breach occurred, but the threat actors modified the action to dump CI/CD secrets and authentication tokens into GitHub Actions logs.