More than 23,000 code repositories are now at risk after malicious code was added to GitHub Actions, a popular tool used for software development environments. This breach potentially gives attackers access to sensitive information, including API keys and authentication tokens, which could allow them to infiltrate other widely used tools, according to experts in the field.
GitHub, which is based on the Git version control system, serves as a platform for developers to store, manage, and share code and is essential to many software development and collaboration environments. Security researchers recently discovered that an attacker injected malicious code into a tool for GitHub Actions, which automates continuous integration and continuous delivery workflows within GitHub.
The malicious code was injected into changed-files, a popular tool for GitHub Actions that detects which files have changed in a pull request or commit, allowing workflows to execute tasks conditionally based on file modifications. This tool is widely adopted by both open-source and enterprise repositories, making the potential impact of this breach significant.
Experts believe that this attack was orchestrated as a supply-chain attack, with the goal of compromising the software supply chain for other open-source libraries, binaries, and artifacts created using GitHub Actions. Any public repository that creates packages or containers as part of a CI pipeline could have been impacted by this breach.
StepSecurity, a software firm specializing in software supply chain security for GitHub Actions, was the first to discover the attack and issued a warning on Friday after identifying the malicious activity. The attackers modified the code of the affected tool and updated multiple version tags to reference the malicious commit, indicating a sophisticated and carefully planned attack.
The vulnerability underlying this incident has been identified as CVE-2025-30066. The attack involved injecting a malicious function written in Node.js into the GitHub Actions tool, which then downloaded a Python script designed to scan the memory of the GitHub Runner for credentials. GitHub Runner refers to GitHub-hosted virtual machines that run jobs, making them a prime target for attackers seeking to extract sensitive information.
In response to the attack, GitHub took swift action to address the security incident. They removed the compromised tool, tj-actions/changed-files, and issued a security alert warning users that all versions of the tool from v1 to 45.0.7 were compromised and could potentially allow remote attackers to extract secrets by reading actions logs. GitHub later restored the tool with all malicious code removed, but the potential impact of the breach on affected repositories remains a concern.
Organizations with public repositories that used the compromised version of tj-actions/changed-files during the specified timeframe are considered to be at high risk of having their secrets exposed via public logs. Private repositories may also have been affected, albeit to a lesser extent. To mitigate the risk, experts recommend conducting a thorough code search across repositories to identify instances of the affected tool and rotating any compromised secrets immediately.
Overall, the incident serves as a reminder of the importance of implementing robust third-party risk management practices and conducting regular security audits to protect against supply-chain attacks and other cybersecurity threats. Vigilance and proactive measures are crucial in safeguarding sensitive information and maintaining the integrity of software development environments in an increasingly interconnected digital landscape.