Summary:
Cybersecurity researchers have recently uncovered a significant supply chain compromise targeting the widely adopted GitHub Action, "tj-actions/changed-files," which is integrated into the CI/CD workflows of over 23,000 software repositories. The vulnerability, assigned CVE-2025-30066 with a critical CVSS score of 8.6, involves malicious modifications to the action's code. Attackers cleverly manipulated multiple existing version tags to point to a compromised commit, effectively pushing the malicious code into prior releases. This allowed the injected code to execute within the CI/CD pipelines of unsuspecting users with the primary objective of printing CI/CD secrets in GitHub Actions build logs. Consequently, if these logs were publicly exposed, there is a significant risk of unauthorized exposure of highly sensitive secrets when the action is run on a repository. The types of secrets potentially exposed include critical assets such as AWS access keys, GitHub Personal Access Tokens, npm tokens, and private RSA keys.

Security Officer Comments:
The malicious code used in this attack involved the execution of a Python script hosted on a now-removed GitHub gist, designed to extract and dump CI/CD secrets from the Runner Worker process. Investigations indicate that the origin of this malicious insertion can be traced back to an unverified source code commit. The maintainers of the "tj-actions/changed-files" project identified the root cause as the compromise of a GitHub Personal Access Token belonging to the @tj-actions-bot, an account with elevated privileges within the compromised repository.

While there is currently no indication that leaked secrets from this incident were actively harvested and transmitted to attacker-controlled infrastructure, the exposure of these secrets presents a substantial security risk. Reinforcing this assertion, Dimitri Stiliadis, CTO and co-founder of Endor Labs emphasized the critical role of such actions in software development pipelines, highlighting that their compromise can impact the entire software development lifecycle. The fact that an attacker could retroactively modify version tags to reference the malicious commit underscores a critical weakness in GitHub Actions. The attacker's ability to inject a Python script to dump secrets into build logs is an effective example of how seemingly benign actions can be weaponized. The previous vulnerability (CVE-2023-49291) in the same GitHub action is a compelling reminder that targeting this action is not a novel technique or necessarily an isolated incident. The effectiveness of maintaining hash-pinned versions, as noted by Wiz, cannot be overstated, as it provides a layer of defense against retroactive modifications. The maintainers' response, including the shift to passkeys and the principle of least privilege, is a testament to efficacious post-compromise mitigation and recovery, but the incident highlights the necessity for continuous monitoring in CI/CD environments as the reliance on GitHub Actions and similar tools introduces significant additional risks to an organization’s security posture.

Suggested Corrections:
The maintainers have explicitly stated that no PATs will be used for any projects within the tj-actions organization moving forward to mitigate the risk of future security incident occurrences. Users of the affected GitHub Action are strongly advised to immediately update to the latest version (46.0.1) and to thoroughly review all workflow execution logs between March 14 and March 15, specifically looking for any unexpected output under the changed-files section as a potential malicious indicator.