GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories

Updated on March 17, 2025

Cybersecurity researchers are calling attention to an incident in which the popular GitHub Action tj-actions/changed-files was compromised to leak secrets from repositories using the continuous integration and continuous delivery (CI/CD) workflow.
The incident involved the tj-actions/changed-files GitHub Action, which is used in over 23,000 repositories. It’s used to track and retrieve all…

Read the rest of the story at Read More

Source: The Hacker News

October 14, 2024 Uncategorized

Supply Chain Attacks Can Exploit Entry P...

April 22, 2025 Uncategorized

5 Major Concerns With Employees Using Th...

April 3, 2025 Uncategorized

GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories

Related posts

Supply Chain Attacks Can Exploit Entry P...

5 Major Concerns With Employees Using Th...

Lazarus Group Targets Job Seekers With C...

Leave a Comment Cancel reply

Recent News

Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed

⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors

Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

How to Automate CVE and Vulnerability Advisory Response with Tines