Attackers injected malicious code into the GitHub Action, allowing it to dump memory from CI/CD runners.
A supply chain attack compromised a GitHub Action that is used in over 23,000 repositories.
According to a blog post from Sweet Security, a supply chain attack compromised the widely used GitHub Action, exposing secrets from numerous repositories.
“This incident, assigned CVE-2025-30066, underscores the growing risks in software supply chains and highlights the need for stronger runtime security measures in CI/CD pipelines,” Sweet Security CTO Tomer Filiba said.
Filiba said that the GitHub Action ‘tj-actions/changed-files’ is designed to detect which files have changed in a pull request or commit, and enables workflows to execute tasks conditionally based on file modifications, such as running specific tests or triggering deployments. “Due to its usefulness, the action is widely adopted in open-source and enterprise repositories.”
Malicious Code
In this instance, attackers injected malicious code into the GitHub Action, allowing it to dump memory from CI/CD runners. This resulted in workflow secrets being exposed in logs, though there is no confirmed evidence of external exfiltration. “The breach affected all versions of the action, as the attacker successfully modified every version tag,” Filiba said.
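The point about every version tag being rewritten is the practical lesson here: a tag such as `@v45` is a mutable pointer, so a workflow that references an action by tag runs whatever commit the tag points at today. The check below is an added example written for this article, not code from Sweet Security, Endor Labs, GitHub or the tj-actions project. It scans a workflow file for `uses:` references and flags any that are not pinned to a full 40-hex commit SHA (and, going slightly beyond the article, container images not pinned by digest). The workflow it scans is constructed for the example, and the 40-character SHA in it is a dummy placeholder, not a real commit.

```python
"""Audit a GitHub Actions workflow for action references that are not pinned
to an immutable commit SHA. Added example for this article; not code from any
of the vendors or projects it mentions."""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample workflow. The 40-hex value is a dummy placeholder,
# not a real commit of actions/setup-node.
SAMPLE_WORKFLOW = """\
name: ci
on: [pull_request]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Detect changed files
        uses: tj-actions/changed-files@v45
        id: changed
      - uses: actions/setup-node@0123456789abcdef0123456789abcdef01234567  # dummy SHA
      - uses: ./.github/actions/local-step
      - uses: docker://alpine:3.19
      - run: echo "${{ steps.changed.outputs.all_changed_files }}"
"""

USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?(?P<ref>[^\s'\"#]+)")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")

# Named in the article: every version tag of this action was rewritten, so a
# tag reference to it cannot be trusted regardless of which tag is used.
TAG_REWRITTEN_ACTIONS = {"tj-actions/changed-files"}


@dataclass
class Finding:
    line_no: int
    uses: str
    action: str
    ref: Optional[str]
    pinned: bool
    note: str


def classify(uses: str) -> Tuple[str, Optional[str], bool, str]:
    """Return (action, ref, pinned, note) for one `uses:` value."""
    if uses.startswith("./"):
        return uses, None, True, "local action, resolved from the same checkout"
    if uses.startswith("docker://"):
        image = uses[len("docker://"):]
        if "@sha256:" in image:
            return image, image.split("@", 1)[1], True, "image pinned by digest"
        tag = image.rsplit(":", 1)[1] if ":" in image else None
        return image, tag, False, "image referenced by mutable tag"
    if "@" not in uses:
        return uses, None, False, "no ref given; resolves to the default branch"
    spec, ref = uses.rsplit("@", 1)
    # owner/repo/subdir@ref -> owner/repo
    action = "/".join(spec.split("/")[:2])
    if FULL_SHA_RE.match(ref):
        return action, ref, True, "pinned to a full commit SHA"
    if action in TAG_REWRITTEN_ACTIONS:
        return action, ref, False, "mutable ref to an action whose tags were rewritten"
    return action, ref, False, "mutable tag or branch; can be moved to another commit"


def audit_workflow(text: str) -> List[Finding]:
    """Classify every `uses:` line in a workflow file's text."""
    findings: List[Finding] = []
    for n, line in enumerate(text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m:
            continue
        uses = m.group("ref")
        action, ref, pinned, note = classify(uses)
        findings.append(Finding(n, uses, action, ref, pinned, note))
    return findings


def unpinned(text: str) -> List[str]:
    """Just the `uses:` values that should be replaced with a SHA or digest."""
    return [f.uses for f in audit_workflow(text) if not f.pinned]


if __name__ == "__main__":
    for f in audit_workflow(SAMPLE_WORKFLOW):
        print(f"{'OK  ' if f.pinned else 'WARN'} line {f.line_no}: {f.uses} ({f.note})")
```

Run it over every file under `.github/workflows/` and replace each flagged reference with the commit SHA of the release you intend to use. Two caveats: the SHA must be verified against the upstream release independently, since a rewritten tag is exactly the wrong place to look it up, and pinning protects only against the action itself changing, not against anything the action downloads at runtime.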
Dimitri Stiliadis, CTO and co-founder of Endor Labs, confirmed that the vulnerability impacts public GitHub repositories with GitHub Actions enabled, and that all versions were affected.
“For organisations that build software, they will likely need to reconfigure their pipelines if they are using the compromised Action,” Stiliadis said. “The attack shouldn’t generally cause outages for customers but it could block organisations from making other changes.”
Public Repositories
He believed the attacker was likely not looking for secrets in public repositories, which are already public, but was instead looking to compromise the software supply chain for other open source libraries, binaries, and artifacts created with them. “Any public repository that creates packages or containers as part of a CI pipeline could have been impacted. That means potentially thousands of open source packages have the potential to have been compromised.”
Stiliadis said there is no evidence that any downstream open source library or containers has been impacted at this time, but urged open source maintainers and the security community to keep a close eye out for potential secondary compromises.
“The compromised GitHub Action is likely used by many more private repositories. While the exploit only impacted public repositories, any organization using it will want to review their systems,” he said.
“The focus now has to be on what’s next. How long will it take the thousands of open source GitHub repos affected to take the proper security measures and revoke/change secrets?”
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.