GitHub Action supply chain breach

While developers were busy pushing code on March 14, 2025, a silent attack was unfolding. The popular GitHub Action tj-actions/changed-files fell victim to a sophisticated supply chain attack, exposing sensitive credentials across the developer ecosystem. Bad news for the 23,000 repositories relying on this tool.

The breach, now tracked as CVE-2025-30066, was surgical in its approach. Attackers compromised a GitHub personal access token belonging to @tj-actions-bot, inserted malicious code, and manipulated version tags. Their goal? Simple but devastating: dump CI/CD secrets directly into public workflow logs. Anyone with an internet connection could view them. Yikes.

Attackers struck like ghosts, hijacking tokens and exposing secrets to the entire internet with clinical precision.

Not every repository using the action was affected. Endor Labs tracked 5,416 repositories across 4,072 organizations that referenced the compromised action. Of those, 614 actually executed the workflow during the exposure window. The real damage? 218 repositories leaked secrets to console logs. Some of these weren’t small-time projects either – we’re talking repositories with over 350,000 stars.

The exposed credentials ran the gamut from GitHub install tokens (which thankfully expire within 24 hours) to the crown jewels: DockerHub credentials, npm tokens, AWS access keys, and even private RSA keys. A hacker’s dream come true. The compromise follows a concerning trend where infostealer trojans have increased by 643% over the past three years.

GitHub moved quickly once StepSecurity reported the issue on March 15, removing the compromised action within hours. By 10 PM that same day, the repository was restored without the malicious code. The malicious code included a function written in Node.js that downloaded a Python script designed to scan GitHub Runner memory for credentials. GitHub has since enforced passkeys and restrictions on the compromised bot account to prevent similar incidents in the future.

This attack didn’t happen in isolation. Investigators linked it to an earlier compromise of reviewdog/action-setup@v1 – suggesting a coordinated campaign targeting the developer supply chain.

Smart developers dodged this bullet by pinning the action to a full commit hash instead of a mutable tag, since a tag can be repointed at malicious code while a commit hash cannot. Others weren’t so lucky. The lesson? Your CI/CD pipeline is just as critical as production. Treat it accordingly.
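To check for the mitigation described above, here is an added example (not code from the article, from GitHub, or from the tj-actions project) that scans workflow text for `uses:` references that are not pinned to a full 40-character commit SHA. The sample workflow and its SHA are constructed placeholders, not real commits or tags.

```python
import re
from typing import List, Tuple

# Matches a `uses:` step in a GitHub Actions workflow: owner/repo[/path]@ref, optionally quoted.
USES_RE = re.compile(r'^\s*-?\s*uses:\s*["\']?([^"\'\s#]+)["\']?')
FULL_SHA_RE = re.compile(r'^[0-9a-f]{40}$')


def classify_ref(ref: str) -> str:
    """Return 'sha' for a full 40-hex commit, 'tag' for anything else (tag or branch, both mutable)."""
    return "sha" if FULL_SHA_RE.match(ref) else "tag"


def find_unpinned(workflow_text: str) -> List[Tuple[int, str, str]]:
    """Return (line_number, action, ref) for every `uses:` not pinned to a full commit SHA.
    Local actions (./path) and docker:// images are skipped; they are pinned differently."""
    findings = []
    for lineno, line in enumerate(workflow_text.splitlines(), start=1):
        m = USES_RE.match(line)
        if not m:
            continue
        target = m.group(1)
        if target.startswith("./") or target.startswith("docker://"):
            continue
        action, _, ref = target.partition("@")
        if not ref or classify_ref(ref) != "sha":
            findings.append((lineno, action, ref))
    return findings


# Constructed sample workflow; the 40-character SHA is a placeholder, not a real commit.
SAMPLE_WORKFLOW = """\
name: ci
on: [pull_request]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@1111111111111111111111111111111111111111  # pinned to a commit
      - uses: tj-actions/changed-files@v45            # mutable tag: whoever moves the tag controls what runs
      - uses: "some-org/some-action@main"             # mutable branch, same problem
      - uses: ./.github/actions/local-step            # local action, skipped
"""

if __name__ == "__main__":
    for lineno, action, ref in find_unpinned(SAMPLE_WORKFLOW):
        print(f"line {lineno}: {action}@{ref or '<no ref>'} is not pinned to a commit SHA")
```

A SHA pin only freezes what the action's own repository ships; an action that downloads further code at run time still needs to be reviewed on its own.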

For affected teams, the weekend was spent rotating credentials and checking for unexpected activity. Just another day in paradise for security teams.
