Supply Chain Attack On Github Action Tj Actions Changed Files Targets Coinbase Expands To
GitHub Action Tj-actions/changed-files Supply Chain Attack | Wiz Blog
A compromise of the GitHub Action tj-actions/changed-files highlights how attackers could exploit vulnerabilities in third-party actions to compromise supply chains. The supply chain compromise allows for information disclosure of secrets including, but not limited to, valid access keys, GitHub personal access tokens (PATs), npm tokens, and private RSA keys. This has been patched in v46.0.1.
GitHub - Tj-actions/changed-files: Github Action To Retrieve All (changed, Added, Modified ...
The supply chain attack involving the GitHub Action "tj-actions/changed-files" started as a highly targeted attack against one of Coinbase's open source projects, before evolving into something more widespread in scope. A supply chain attack on the popular GitHub Action tj-actions/changed-files caused many repositories to leak their secrets. Discover how it unfolded and the steps to mitigate the risk. Researchers from Wiz confirmed that Coinbase was the original target in an updated blog post. The attack was designed to exploit the public continuous integration/continuous delivery flow of one of the crypto exchange’s open source projects, called agentkit. CVE-2025-30066 describes a supply chain attack targeting the widely used GitHub Action tj-actions/changed-files. This attack involved a malicious actor compromising the action and injecting code that leaked secrets from affected public repositories into workflow logs.
Releases · Tj-actions/changed-files · GitHub
Attackers modified the action's code and retroactively updated multiple version tags to reference a malicious commit, so all versions of the tool were compromised. On March 14, 2025, a critical supply chain attack targeted the widely used GitHub Action tj-actions/changed-files. This action, utilized in over 23,000 repositories, was compromised when attackers injected malicious code, causing CI/CD pipeline secrets to be exposed in GitHub Actions logs. By analyzing the attack chain step by step, we aim to highlight critical lessons for developers, maintainers, and security teams to fortify their defenses against similar threats. Here's how the entire attack unfolded, one move at a time. What started as a focused attack on one of Coinbase’s open source repositories soon escalated into a widespread supply chain attack affecting 218 repositories. Below, we break down the.

TJ-Action Compromise: Uncovering the Massive GitHub Actions Supply Chain Attack All you need to know