Cybersecurity researchers are using continuous integration and continuous delivery (CI/CD) workflows to draw attention to cases in which common Github Action TJ action/change files have been compromised to leak secrets from the repository.
The incident included TJ-actions/Chanded-Files Github actions used in over 23,000 repositories. Used to track and retrieve all files and directories that have been modified.
Supply chain compromises are assigned the CVE identifier CVE-2025-30066 (CVSS score: 8.6). The incident is said to have occurred before March 14th, 2025.
“In this attack, the attacker changed the code of the action and retrospectively updated multiple version tags to refer to malicious commits,” Stepecurity said. “The compromised action prints the CI/CD secrets on github actions.
The ultimate result of this behavior is that if the workflow log is published, the actions performed in the repository can lead to unauthorized exposure of sensitive secrets.
This includes AWS Access Keys, Github Personal Access Tokens (PAT), NPM Tokens, Private RSA Keys, and more. However, there is no evidence that leaked secrets have been sucked up into the infrastructure managed by attackers.
Specifically, the malicious insert code is designed to run a GitHub Gist-hosted Python script that dumps CI/CD secrets from the runner worker process. It is said to have come from an unverified source code commit. Github Gist has since been deleted.
“TJ-actions/Change-Files are used in organizations’ software development pipelines,” Dimitri Stiliadis, CTO and co-founder of Endor Labs, said in a statement shared with Hacker News. “After the developers write and review the code, they usually publish it to the main branch of the repository. From there they take a ‘pipeline’, create it, build it for production, and deploy it. ”
“TJ-actions/Change-Files helps to detect changes to files in the repository. This allows you to see which files have been added, changed or deleted during a commit, branch, or pull request.”
“Attackers changed the code of the action, retroactively updating multiple version tags to refer to malicious commits. Compromised actions now discard CI/CD secrets and run malicious Python scripts that affect thousands of CI pipelines.”
The project maintainer says that the unknown threat actor behind the incident was able to compromise the github personal access token (pat) used by @tj-actions-bot, a bot with privileged access to the compromised repository.
Following the discovery, the account’s password was updated, authentication was upgraded to use PassKey, and its privilege level was updated to follow the principle of minimal privilege. Github has cancelled its compromised Pat.
“The affected personal access tokens were saved as secrets of Github actions that were subsequently revoked,” the maintainer added. “Now, it will not be used for all projects in the TJ-actions organization and will prevent the risk of recurrence.”
Anyone using GitHub actions is recommended to update to the latest version (46.0.1) as soon as possible. It is also recommended that users review all workflows that ran between March 14th and March 15th and see “unexpected output in the modified files section”.
This is not the first time a security issue has been flagged in a TJ-actions/Chanded-Files action. In January 2024, security researcher Adnan Khan revealed details of the serious flaws (CVE-2023-49291, CVSS score: 9.8) affecting TJ-actions/Changed-files and TJ-actions/Branch-Names that could pave the way for the execution of arbitrary code.
This development once again highlights that open source software remains particularly susceptible to supply chain risks.
“As of March 15, 2025, we found that all versions of the TJ action/change file will be affected as attackers have changed existing version tags to point to malicious code,” said Wiz, a cloud security company.
“Customers who used the hashpin version of TJ-actions/change files will not be affected unless they are updated to the affected hash during the exploitation period.”
Source link
