GitHub Supply Chain Attack Exposes Secrets in 218 Repositories

A GitHub Action supply chain attack exposed secrets from 218 repositories due to malicious code in tj-actions/changed-files, impacting popular projects and potentially causing further supply chain attacks.

A significant security incident involving a GitHub Action supply chain attack has resulted in the exposure of secrets from 218 repositories. The compromised GitHub Action, tj-actions/changed-files, was exploited by attackers who inserted malicious code to extract CI/CD secrets from the Runner Worker process. This data was then written to the repository. If workflow logs were publicly accessible, these secrets became readily available to anyone.

GitHub Supply Chain Attack: The Attack Vector

The initial attack vector appears to have stemmed from another supply chain attack targeting the reviewdog/action-setup@v1 GitHub Action. This breach may have compromised a GitHub Personal Access Token (PAT) belonging to a bot with sufficient privileges to modify the tj-actions/changed-files repository. The malicious commit, added on March 14, 2025, facilitated the secret exfiltration.

Data on the Exposed GitHub Action Secrets

While only a small fraction of the approximately 23,000 projects using tj-actions/changed-files were affected, the potential consequences are substantial. Endor Labs, which tracked the incident, reported that between March 14, 04:00 PM UTC, and March 15, 02:00 PM UTC, 5,416 repositories across 4,072 distinct organizations referenced the compromised action. Some of these repositories are extremely popular, boasting over 350,000 stars and 63,000 forks, significantly amplifying the potential impact.

[Figure: Repositories with references to the breached GitHub Action. Source: Endor Labs]

Of the 5,416 repositories referencing the compromised action, 614 executed the affected workflow during the timeframe. Endor Labs clarifies:

“Having executed the action does not necessarily mean that any credentials were printed to the console log. Some repositories followed best-practice recommendations and referenced the commit SHA instead of a mutable tag. Others were run before the attacker tampered with all of the version tags such that they point to the malicious commit.”

However, 218 repositories ultimately leaked secrets to their console logs.

The exposed secrets primarily included GitHub install access tokens (which expire within 24 hours), but also credentials for DockerHub, npm, and AWS, posing a more serious long-term risk. Repository owners are urged to immediately rotate their secrets to prevent exploitation.

GitHub advises users to review its security hardening guidance and restrict access to sensitive files and folders. The investigation continues to determine if the initial reviewdog breach led to further compromises beyond tj-actions and whether any of the 218 affected projects suffered additional breaches.
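The mitigation Endor Labs points to above, referencing an action by commit SHA instead of a mutable tag, is one a repository owner can check mechanically across their workflows. The script below is an added example written for this article, not code from Endor Labs, GitHub or the tj-actions project; it scans workflow YAML for `uses:` references that are not pinned to a full 40-character commit SHA. The embedded workflow, its SHA and its tag names are constructed samples, not values taken from the incident.

```python
import re

# One `uses:` reference per line, as written in GitHub Actions workflow YAML,
# e.g. "- uses: owner/repo@ref". Quotes and trailing "# comments" are ignored.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^'\"#\s]+)", re.MULTILINE)
# Only a full 40-hex-character commit SHA is an immutable reference; tags,
# branches and short SHAs can all be retargeted or be ambiguous.
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def parse_uses(value):
    """Split 'owner/repo[/path]@ref' into (action, ref); local './' actions and
    'docker://' images are not fetched from a remote git repo and return None."""
    if value.startswith("./") or value.startswith("docker://"):
        return None
    if "@" not in value:
        return (value, None)
    action, _, ref = value.rpartition("@")
    return (action, ref)


def find_unpinned(workflow_yaml):
    """Return (action, ref) pairs referenced by tag, branch, short SHA or no ref."""
    findings = []
    for match in USES_RE.finditer(workflow_yaml):
        parsed = parse_uses(match.group(1))
        if parsed is None:
            continue
        action, ref = parsed
        if ref is None or not FULL_SHA_RE.match(ref):
            findings.append((action, ref))
    return findings


# Constructed sample workflow: the SHA is a placeholder and the tag names are
# illustrative, not the tags involved in the incident described above.
SAMPLE_WORKFLOW = """\
name: ci
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567  # pinned
      - uses: tj-actions/changed-files@v45   # mutable tag, retargetable by an attacker
      - uses: reviewdog/action-setup@v1      # mutable tag
      - uses: ./.github/actions/local-step   # local action, not fetched remotely
      - uses: docker://alpine:3.20           # container image, out of scope here
"""

if __name__ == "__main__":
    for action, ref in find_unpinned(SAMPLE_WORKFLOW):
        print(f"unpinned: {action}@{ref}")
```

Run it over every file under `.github/workflows/` to get the list of references that would have followed a retargeted tag; pinning alone does not revoke secrets already printed to a public log, so rotation is still required.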
