GitHub Action - Geek Feed

Security
Tech News

Supply chain attack on popular GitHub Action exposes CI/CD secrets

March 21, 2025March 21, 2025 geekfeed0Tagged Data Leak, GitHub, GitHub Action, GitHub Actions, supply chain, Supply Chain Attack

A supply chain attack on the widely used ‘tj-actions/changed-files’ GitHub Action, used by 23,000 repositories, potentially allowed threat actors to steal CI/CD secrets from GitHub Actions build logs. The GitHub Action is a very popular automation tool designed for GitHub Actions workflows. It allows developers to identify files changed in a pull request or commit […]

2 mins read