Cybersecurity researchers are calling attention to an incident in which the popular GitHub Action tj-actions/changed-files was compromised to leak secrets from repositories using the continuous integration and continuous delivery (CI/CD) workflow. The incident involved the tj-actions/changed-files GitHub Action, which is used in over 23,000 repositories. It's used to track and retrieve all
![]()
source https://thehackernews.com/2025/03/github-action-compromise-puts-cicd.html
source https://thehackernews.com/2025/03/github-action-compromise-puts-cicd.html