Supply Chain Attack Targets GitHub Action, Compromising Sensitive Data
A recent supply chain attack has raised significant cybersecurity concerns, particularly for businesses relying on open-source projects. This incident originated from the GitHub Action “tj-actions/changed-files,” which was initially directed at one of Coinbase’s open-source initiatives but subsequently expanded in scale.
According to a report from Palo Alto Networks Unit 42, the attack aimed to exploit the public CI/CD pipeline of Coinbase’s project, agentkit, likely to facilitate further breaches. Despite the focus on this targeted attack, the adversary was unable to access Coinbase’s secrets or publish unauthorized packages. On March 14, 2025, it became apparent that the compromised GitHub Action was being used to inject code that leaked sensitive repository secrets from affected workflows, designated under the CVE identifier CVE-2025-30066 with a CVSS score of 8.6.
The implications of this breach are extensive. Endor Labs estimates that 218 GitHub repositories may have exposed their secrets, with leaked information including credentials for DockerHub, npm, and Amazon Web Services (AWS), as well as GitHub installation access tokens. Security analyst Henrik Plate noted that while the potential impact appeared daunting—considering the wide usage of the GitHub Action—only a subset of repositories were ultimately affected, most of which contained transient GITHUB_TOKENs that expire at the conclusion of a workflow run.
Compounding the situation, investigators found that a second GitHub Action, “reviewdog/action-setup,” which “tj-actions/changed-files” depends on, had also been compromised. The vulnerability associated with this was tracked as CVE-2025-30154, also with a CVSS score of 8.6. This exploitation enabled the attackers to acquire a personal access token (PAT) associated with “tj-actions/changed-files,” permitting modifications to repositories that utilized the vulnerable action.
Details of the attack reveal sophisticated techniques employed by the adversary. The attackers utilized tactics reflecting several MITRE ATT&CK techniques, such as initial access through code injection, persistence via manipulation of GitHub Actions, and potential privilege escalation to manipulate workflows and credentials stored in repository runners. The complexity of these techniques suggests the attackers possessed a high degree of expertise in CI/CD security vulnerabilities.
Unit 42 experts noted that the attackers attempted to obscure their actions by creating multiple ephemeral GitHub user accounts and using “dangling commits” strategy to disguise their commit history on workflows. Although GitHub has not confirmed or denied whether it suffered a direct compromise, it continues to investigate the situation and has asserted the attack was conducted on user-maintained open-source projects.
In light of this breach, organizations are reminded to exercise caution when integrating third-party dependencies into their workflows. As mentioned by GitHub, users should thoroughly review any GitHub Action or software package prior to adopting updates, a practice that is crucial to mitigate future vulnerabilities.
Despite the initial focus on Coinbase, the attacker seemed to pivot quickly towards a more widespread operation, potentially driven by the realization that the specific Coinbase attack had been thwarted. The rapid transition, occurring just 20 minutes after Coinbase mitigated the exposure, underscores an opportunistic shift in strategy aimed at causing broader disruption.
The details surrounding this incident reveal critical lessons for business owners regarding the importance of vigilance in supply chain security. As the situation continues to evolve, organizations must remain proactive in understanding the complexities of cybersecurity threats within their tech stacks—particularly those associated with open-source dependencies.
