Summary: A critical security vulnerability (CVE-2025-30066) has been found in the tj-actions/changed-files GitHub Action, exposing sensitive information such as access keys and tokens. The flaw has been patched in version 46.0.1, and users are urged to update their workflows immediately to mitigate potential risks. CISA has flagged this issue, emphasizing the need for organizations to enhance their security when utilizing third-party actions.
Affected: tj-actions/changed-files GitHub Action
Key points:
- Vulnerability exposes sensitive credentials, including GitHub PATs and RSA private keys.
- Attackers modified previous versions of the action, allowing for credential extraction.
- Organizations are advised to review workflows, update to the latest version, and rotate any potentially exposed secrets.
- Security recommendations include regular audits of dependencies and implementing GitHub’s security features.
- The incident highlights the risks of supply chain attacks on open-source software.
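As an added example (not code from the page or from the tj-actions project), a small audit script for the "review workflows" recommendation: it scans a workflow file for every use of tj-actions/changed-files and reports whether each reference is pinned to an immutable commit SHA, is a version tag below the patched 46.0.1, is a patched but still retaggable tag, or is a floating branch ref. The sample workflow and the 40-hex SHA in it are constructed placeholders.

```python
import re

PATCHED_VERSION = (46, 0, 1)  # version the advisory names as fixed

# One `uses:` line per step; strip optional quotes around the reference.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?(?P<ref>[^\s'\"#]+)", re.MULTILINE)
SHA_RE = re.compile(r"^[0-9a-f]{40}$")

def parse_version(tag):
    """'v46.0.1' -> (46, 0, 1); 'v45' -> (45, 0, 0); branch names -> None."""
    m = re.match(r"^v?(\d+)(?:\.(\d+))?(?:\.(\d+))?$", tag)
    return None if m is None else tuple(int(p or 0) for p in m.groups())

def audit_workflow(text, action="tj-actions/changed-files"):
    """Return (ref, verdict) for each use of `action` in a workflow file.
    sha-pinned: immutable commit; below-patched: tag older than 46.0.1;
    mutable-tag: patched but retaggable; floating-ref: branch or unknown."""
    findings = []
    for m in USES_RE.finditer(text):
        name, _, ref = m.group("ref").partition("@")
        if name != action or not ref:
            continue
        if SHA_RE.match(ref):
            verdict = "sha-pinned"
        elif (ver := parse_version(ref)) is None:
            verdict = "floating-ref"
        elif ver < PATCHED_VERSION:
            verdict = "below-patched"
        else:
            verdict = "mutable-tag"
        findings.append((ref, verdict))
    return findings

# Constructed sample workflow; the 40-hex SHA is a placeholder, not a real commit.
SAMPLE_WORKFLOW = """\
jobs:
  changed:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: tj-actions/changed-files@v45
      - uses: "tj-actions/changed-files@v46.0.1"
      - uses: tj-actions/changed-files@main
      - uses: tj-actions/changed-files@0123456789abcdef0123456789abcdef01234567
"""

if __name__ == "__main__":
    for ref, verdict in audit_workflow(SAMPLE_WORKFLOW):
        print(f"{verdict:14} {ref}")
```

Only the sha-pinned entry is safe against a retagged release; a partial tag such as v45 is compared conservatively as 45.0.0.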
Source: https://thecyberexpress.com/exploited-github-action-cve-2025-30066/