CISA Warns of Supply Chain Compromise of tj-actions/changed-files GitHub Action

All versions of tj-actions/changed-files, a popular GitHub Action used to determine which files have been modified in a pull request or commit, have been compromised in a supply chain attack. Researchers discovered the attack late last week, and the maintainers of the Action have since remediated the issue.

Why It Matters: The tj-actions/changed-files GitHub Action is used in more than 23,000 repositories, according to StepSecurity, which identified the compromise. In some cases the incident exposed CI/CD secrets to anyone who could read the affected workflow logs. “In this attack, the attackers modified the action’s code and retroactively updated multiple version tags to reference the malicious commit. The compromised Action prints CI/CD secrets in GitHub Actions build logs. If the workflow logs are publicly accessible (such as in public repositories), anyone could potentially read these logs and obtain exposed secrets. There is no evidence that the leaked secrets were exfiltrated to any remote network destination,” the advisory says.

Key Details

  • The attacker compromised a Personal Access Token belonging to a bot account linked to the tj-actions/changed-files GitHub Action

  • The adversary then modified the Action’s version tags to point to the malicious commit, so any workflow that referenced the Action by tag pulled and ran the attacker’s code

  • The compromise affected all versions of the Action, from v1 through v45

  • CISA has added the vulnerability to its Known Exploited Vulnerabilities catalog
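
The tag-moving detail above is the reason practitioners pin third-party actions to a full commit SHA rather than a tag: a tag like v45 can be repointed by anyone holding write access, while a 40-character commit hash cannot be silently replaced. The script below is an example added to this article, not code from StepSecurity, Wiz or the tj-actions project. It scans workflow text for `uses:` lines and reports every remote action that is referenced by a tag or branch instead of a SHA; the workflow snippet and the hex SHA inside it are constructed placeholders, not real tj-actions commits.

```python
"""Audit GitHub Actions workflow text for actions that are referenced by a
mutable tag or branch instead of an immutable commit SHA.

Added example for this article; not code from StepSecurity, Wiz or the
tj-actions project. WORKFLOW below is constructed sample input and the
40-hex SHA in it is a placeholder, not a real tj-actions commit.
"""
import re
from dataclasses import dataclass

# Matches `uses: owner/repo[/subpath]@ref` on a workflow step line,
# tolerating an optional leading `-` and optional quotes around the value.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^'\"\s#]+)")
# A full 40-character lowercase hex commit SHA, the only immutable reference.
SHA_RE = re.compile(r"^[0-9a-f]{40}$")


@dataclass
class Finding:
    line: int      # 1-based line number in the workflow text
    action: str    # owner/repo[/subpath]
    ref: str       # tag, branch or SHA after the '@' ('' if absent)
    pinned: bool   # True only when ref is a full commit SHA


def parse_uses(value):
    """Split 'owner/repo/path@ref' into (action, ref).

    Returns None for local ('./...') and docker:// references, which are
    not fetched from a GitHub repository and so have no tag that can be moved.
    """
    if value.startswith("./") or value.startswith("docker://"):
        return None
    if "@" not in value:
        return value, ""          # no ref at all: treat as unpinned
    action, ref = value.rsplit("@", 1)
    return action, ref


def audit_workflow(text):
    """Return a Finding for every remote action referenced in the workflow."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m:
            continue
        parsed = parse_uses(m.group(1))
        if parsed is None:
            continue
        action, ref = parsed
        findings.append(Finding(n, action, ref, bool(SHA_RE.match(ref))))
    return findings


def unpinned(findings, repo=None):
    """Findings not pinned to a SHA, optionally restricted to one owner/repo
    (subpath references such as owner/repo/path are included)."""
    out = []
    for f in findings:
        if f.pinned:
            continue
        if repo is not None and not (f.action == repo or f.action.startswith(repo + "/")):
            continue
        out.append(f)
    return out


# Constructed sample workflow: one tag reference to the affected action,
# one SHA-pinned reference (placeholder SHA), plus references the audit skips.
WORKFLOW = """\
name: ci
on: [pull_request]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: changed files (tag reference, can be moved)
        uses: tj-actions/changed-files@v45
      - name: changed files (SHA-pinned, placeholder hash)
        uses: tj-actions/changed-files@0123456789abcdef0123456789abcdef01234567 # v45
      - uses: ./.github/actions/local-helper
      - uses: docker://alpine:3.19
"""


if __name__ == "__main__":
    for f in unpinned(audit_workflow(WORKFLOW)):
        ref = f.ref or "<no ref>"
        print(f"line {f.line}: {f.action}@{ref} is not pinned to a commit SHA")
```

Run it against `.github/workflows/*.yml` by reading each file into `audit_workflow`. Two caveats a reviewer would add: pinning only helps if the SHA you pin was itself reviewed before the compromise, and a pin is not self-updating, so pair it with an update bot that bumps the hash and shows the diff rather than reverting to tags for convenience.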

Research teams tracking the incident have observed the malicious payload running in affected workflows and dumping secrets into build logs.

“Wiz Threat Research has observed first-hand the deployment of the script designed to dump secrets as part of the malicious payload's execution (as reported elsewhere as well). We've also identified dozens of impacted public repositories with exposed sensitive secrets, and have been reaching out to the affected parties,” researchers at Wiz wrote in an analysis of the incident.