Summary

On March 14, 2025, a critical supply chain attack targeted the widely used GitHub Action tj-actions/changed-files. This action, utilized in over 23,000 repositories, was compromised when attackers injected malicious code, causing CI/CD pipeline secrets to be exposed in GitHub Actions logs. This breach raised serious concerns regarding the security of GitHub Actions and the importance of implementing robust security measures in CI/CD workflows.

This advisory provides a deep dive into the attack, its impact, and actionable steps organizations can take to mitigate similar threats in the future.

Severity:  High 

CVSSv3 Score:  8.6

Timeline: 

The Attack Breakdown

What Happened?

A malicious actor managed to modify the tj-actions/changed-files repository, injecting a script that caused workflows to print sensitive secrets directly into logs. Public repositories were at the highest risk, as their logs were accessible to anyone, leading to potential credential leaks.

How Did the Attackers Gain Access?

• The attackers exploited a compromised GitHub personal access token (PAT) linked to the repository.
• Using this access, they modified multiple version tags to point to a malicious commit.
• The injected code executed within GitHub Actions workflows, extracting secrets from the CI/CD environment and printing them in build logs.

Detection and Github Response

• The attack was first detected by StepSecurity’s Harden-Runner, which identified anomalous network activity linked to the compromised action.
• Security researchers confirmed that secrets were being exposed in logs and issued an immediate advisory.
• GitHub removed the tj-actions/changed-files repository temporarily to mitigate further damage.
• The malicious commit was reverted, and the repository was restored.

Impact of the Attack

This supply chain attack had significant consequences:

• Exposure of CI/CD Secrets: API keys, authentication tokens, and other sensitive credentials were potentially leaked.
• Unauthorized Repository Access: Attackers could use exposed credentials to compromise additional repositories.
• Risk to Open-Source Projects: Public repositories that rely on GitHub Actions were at high risk of credential theft.
• Trust Erosion in CI/CD Security: This attack highlighted the need for stricter controls in GitHub Actions security practices.

Mitigation & Recommended Actions

Immediate Steps to Take

1. Review Logs: Audit CI/CD logs for exposed secrets or unusual activity.
2. Rotate Secrets: If your repository used tj-actions/changed-files, immediately rotate all API keys, tokens, and credentials.
3. Restrict GitHub Actions Permissions: Limit permissions granted to GitHub Actions to reduce exposure risk.
4. Monitor CI/CD Pipelines: Implement anomaly detection tools like StepSecurity’s Harden-Runner.
5. Review DNS Logs: Review DNS logs for connections to gist.githubusercontent.com for finding affected workflows.
6. Monitor Network Logs: Monitor outgoing connection, using vpc-flowlogs
7. Monitor Execution of Suspicious Files: Using eBPF agent

Long-Term Security Best Practices

Pin Actions to Commit Hashes: Always pin GitHub Actions to specific commit hashes instead of version tags to prevent unauthorized modifications. 

Use Read-Only Secrets in Workflows: Avoid exposing sensitive credentials in CI/CD environments.

Regular Audit Dependencies: Continuously monitor dependencies and GitHub Actions used in workflows.

Snowbit Response 

• Our team scanned available logs within Coralogix and found no traces of the compromise in customer environments.
• However, not all logs may have been integrated with Coralogix, so we strongly advise customers to conduct their own validation.
• Customers should audit their GitHub Actions logs, specifically looking for unexpected network connections, leaked secrets, or unauthorized script execution during the affected timeframe.

Reference

[1]https://www.wiz.io/blog/github-action-tj-actions-changed-files-supply-chain-attack-cve-2025-30066

[2]https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised