The supply chain attack targeting the GitHub Action "tj-actions/changed-files" originated from a focused attempt against a Coinbase project but grew in scope. Discovered on March 14, 2025, it involved code injection that exposed sensitive secrets from numerous repositories. Palo Alto Networks revealed that while 218 repositories were affected, most leaked credentials were temporary, which minimizes the overall risk. The attack exploited the CI/CD processes of an open-source project, raising concerns due to dependencies on the compromised GitHub Action.
The payload focused on the public CI/CD flow of one of Coinbase's open source projects, agentkit, probably with the aim of using that foothold for further compromises.
The initial scale of the supply chain attack sounded scary, considering that tens of thousands of repositories depend on the GitHub Action.
However, drilling down into the workflows, their runs and the leaked secrets shows that the actual impact is smaller than anticipated: "only" 218 repositories leaked secrets.
The incident came to light on March 14, 2025, when it was found that "tj-actions/changed-files" was compromised to inject code that leaked sensitive secrets.
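The concern raised above comes from how many workflows reference the action by a mutable tag (for example `@v45`), which can be moved to point at different code; a full 40-character commit SHA cannot. The following is an added example, not code from the page or from the tj-actions project: a small audit script that scans workflow YAML for `uses:` steps, flags any reference that is not pinned to a full commit SHA, and raises the severity when the action is on a watchlist. The sample workflow, the watchlist default and the SHA in it are constructed placeholders.

```python
import re

# Constructed sample workflow (not from any real repository). The 40-hex
# value below is a placeholder, not a real commit of actions/setup-node.
SAMPLE_WORKFLOW = """\
name: ci
on: [pull_request]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Detect changed files
        uses: tj-actions/changed-files@v45
      - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b
      - uses: docker://alpine:3.19
      - run: npm test
"""

# Matches `uses: owner/repo@ref` whether or not the line starts a list item.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^\s'\"#]+)['\"]?", re.MULTILINE)
# A full commit SHA is the only immutable reference form for a GitHub action.
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def parse_uses(workflow_text):
    """Return (action, ref) pairs for every remote `uses:` step in the file."""
    steps = []
    for match in USES_RE.finditer(workflow_text):
        spec = match.group(1)
        # Local (./path) and container (docker://) actions are not fetched
        # from a GitHub ref, so tag pinning does not apply to them.
        if spec.startswith("./") or spec.startswith("docker://"):
            continue
        action, _, ref = spec.partition("@")
        steps.append((action, ref))
    return steps


def audit_workflow(workflow_text, watchlist=("tj-actions/changed-files",)):
    """Flag every action reference that is not pinned to a full commit SHA.

    Actions on `watchlist` get severity "high"; any other mutable reference
    gets "medium". SHA-pinned steps produce no finding.
    """
    findings = []
    for action, ref in parse_uses(workflow_text):
        if FULL_SHA_RE.match(ref):
            continue
        if action in watchlist:
            severity = "high"
            reason = "watchlisted action referenced by a mutable tag or branch"
        else:
            severity = "medium"
            reason = "mutable ref; retagging can swap in different code"
        findings.append(
            {"action": action, "ref": ref, "severity": severity, "reason": reason}
        )
    return findings


if __name__ == "__main__":
    for finding in audit_workflow(SAMPLE_WORKFLOW):
        print(f"[{finding['severity']}] {finding['action']}@{finding['ref']}: "
              f"{finding['reason']}")
```

Run against a checkout of `.github/workflows/*.yml`, the script gives a quick inventory of which steps would pick up new code if an upstream tag were moved; pinning those steps to a commit SHA (and reviewing the SHA when updating) removes the finding.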