GitHub suffers a cascading supply chain attack compromising CI/CD secrets | InfoWorld
CISA confirms cascading attack from reviewdog to tj-actions exposed sensitive credentials across 23,000+ repositories.
Entities impacted by the GitHub cascading supply chain attack, which originated from the "reviewdog/action-setup@v1" vulnerability and affected "tj-actions/changed-files" across over 23,000 repositories, should swiftly enact protective measures.
These actions entail examining all CI/CD processes for links to the tainted actions, renewing any potentially compromised credentials—including API keys, GitHub Personal Access Tokens (PATs), and private RSA keys—and securing GitHub Actions to fixed commit hashes rather than adjustable version tags to prevent subsequent tampering.
Organizations should use GitHub’s allow-list to block unauthorized actions and delete past workflow logs that might reveal compromised credentials.
They should also monitor for unusual activity to secure their development environments, per CCSS standards (CryptoCurrency Certification Consortium (C4), Cryptocurrency Security Standard) for protecting critical cryptographic assets.
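A check for the audit and pinning steps in the post above, as an added example that is not part of the original post or the InfoWorld article: it scans workflow text for `uses:` references to the two named actions and for any action referenced by a tag or branch instead of a full 40-character commit SHA. The sample workflow, the `example-org/pinned-action` name and its hash are constructed for illustration.

```python
import re

# Actions named in the post as compromised; any reference needs manual review.
TAINTED = {"reviewdog/action-setup", "tj-actions/changed-files"}

# Matches "uses: owner/repo[/path]@ref", with or without a leading "- " or quotes.
USES_RE = re.compile(r"""^\s*(?:-\s*)?uses:\s*['"]?([^@\s'"#]+)@([^\s'"#]+)""")
FULL_SHA = re.compile(r"[0-9a-f]{40}")


def audit_workflow(text):
    """Return (line_no, action, ref, finding) tuples for one workflow file."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m or m.group(1).startswith("docker://"):
            continue  # local (./path) and docker:// steps are out of scope here
        target, ref = m.groups()
        action = "/".join(target.split("/")[:2]).lower()  # drop sub-path
        if action in TAINTED:
            findings.append((no, action, ref, "tainted"))
        elif not FULL_SHA.fullmatch(ref):
            # A tag or branch can be moved to point at different code later.
            findings.append((no, action, ref, "unpinned"))
    return findings


# Constructed sample workflow (not taken from any real repository).
SAMPLE = """\
name: ci
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: tj-actions/changed-files@v1
      - name: lint
        uses: reviewdog/action-setup@v1
      - uses: example-org/pinned-action@0123456789abcdef0123456789abcdef01234567  # v1.2.3
"""

if __name__ == "__main__":
    for no, action, ref, finding in audit_workflow(SAMPLE):
        print(f"line {no}: {action}@{ref} -> {finding}")
```

A "tainted" finding means the repository's credentials should be treated as exposed and rotated; a full SHA on one of those two actions still needs checking against a known-good commit.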
GM #plebchain, stay humble, stack bits/sats, focus on these virtues
Courage, Justice, Temperance, Wisdom, and think for yourself.
"Cogito, ergo sum." I think, therefore I am. This morning phrase underscores the power of consciousness and our ability to exist through thought.
Apple’s Passwords app was vulnerable to phishing attacks for nearly three months after launch
9to5Mac
In iOS 18, Apple spun off its Keychain password management tool—previously only tucked away in Settings—into a standalone app called...
The Passwords app now uses HTTPS by default for all connections, so ensure you’re running at least 18.2 on your devices! I wouldn’t be surprised if this news travels far under the radar. Share for awareness!
GM #plebchain, stay humble, stack bits/sats, focus on these virtues
Courage, Justice, Temperance, Wisdom, and think for yourself.
"Suaviter in modo, fortiter in re." - Sweetly in manner, strongly in deed. Start your day with both grace and strength.
I will keep saying it… Bitcoin is both a medium of exchange, salable over space and a store of value over time.
If you could see into the future, would you want to know what happens?
I would say to this: "Futurum praevisa non turbat" – the future doesn't disturb those who foresee it. In truth, the value lies not in knowing the future but in mastering our reactions to whatever comes our way. [So, rather than seeking a peek into tomorrow's events, we should focus on cultivating wisdom and virtue today].
GM #plebchain, stay humble, stack bits/sats, focus on these virtues
Courage, Justice, Temperance, Wisdom, and think for yourself.
"Amor fati," my friend! Embrace each day as if it were chosen for you by the universe itself. And remember, [as Cicero once penned], "It is not in the stars to hold our destiny but in ourselves."
GM #plebchain, stay humble, stack bits/sats, focus on these virtues
Courage, Justice, Temperance, Wisdom, and think for yourself.
My friend, here's one to start your day:
"Amor Fati" - "Love Your Fate"
As the great Stoic philosopher Epictetus said, "It's not what happens to you, but how you react to it that matters."
Begin your day by embracing whatever comes your way, and remember that every obstacle is an opportunity to grow stronger and wiser.
May you face the day with courage and equanimity!
Treasury mark-to-market physical gold revaluation within 270 days remains speculative and unconfirmed by official sources as of March 16, 2025. The idea has been discussed in financial circles and on platforms like X, where users have claimed it could occur within 270 days from their posting date—such as mid-March 2025, pointing to around mid-December 2025 (roughly December 11–15). However, these claims lack concrete evidence or official announcements from the U.S. Treasury or Federal Reserve.
So I will add this to my calendar for December
From Federal Lands to Bitcoin: Why the U.S. Should Establish a Strategic Bitcoin Reserve, Mirroring Two Centuries of Strategic Resource Management
For over two centuries, the U.S. government has strategically managed federal lands to meet national needs, adapting its approach to address resource security, economic development, and conservation. From the establishment of forest reserves in the late 19th century to protect timber and watersheds, to the acquisition of lands under the Weeks Law of 1911 to safeguard water supplies, federal land management has served as a flexible tool for ensuring long-term stability and resilience.
While not centralized like the Strategic Petroleum Reserve (SPR), which was created in 1975 to mitigate oil supply disruptions, these lands have been reserved and managed with strategic intent—whether to support national defense, promote agriculture, or preserve ecological systems. This historical precedent demonstrates the government’s capacity to identify and manage critical assets for the public good, adapting to the evolving needs of the nation.
In a similar vein, establishing a Strategic Bitcoin Reserve (SBR) could be a forward-thinking extension of this strategic resource management, aligning with the U.S.’s history of leveraging assets to bolster economic and national security.
Just as the SPR provides a buffer against oil market volatility, an SBR could stabilize cryptocurrency markets, hedge against inflation, and position the U.S. as a leader in the digital economy.
Bitcoin, as a decentralized and finite asset, represents a new form of value that is increasingly influential in global finance. By holding a reserve, the U.S. could mitigate risks associated with currency devaluation, enhance its geopolitical leverage in a digital world, and support innovation in blockchain technology—much like federal lands have been used to secure resources and promote economic growth. Drawing on the government’s experience with strategic reserves and asset management, an SBR could be a modern tool to address 21st-century economic challenges, ensuring resilience in an era of digital transformation.