
Supply Chain Security Threat: Coinbase and the GitHub Actions Attack Exposing 218 Repositories’ Secrets

The recent supply chain attack targeting GitHub Actions has raised alarming concerns over the security of CI/CD processes. Initially aimed at one of Coinbase’s open-source projects, the attack quickly broadened its scope, impacting a significant number of repositories.

According to a report by Palo Alto Networks Unit 42, the malicious payload primarily focused on exploiting the continuous integration/continuous deployment (CI/CD) workflow associated with one of Coinbase’s projects, "agentkit." The goal appeared to be further compromises through this initial access point, though the attackers were unable to leverage Coinbase’s secrets or distribute malicious packages.

This incident surfaced on March 14, 2025, when it was discovered that a GitHub Action named "tj-actions/changed-files" had been compromised. This breach allowed attackers to inject code that leaked sensitive credentials from multiple repositories utilizing this workflow, with the vulnerability assigned the CVE identifier CVE-2025-30066, carrying a CVSS score of 8.6.

Endor Labs estimated that 218 GitHub repositories were affected, exposing various credentials, including access tokens for DockerHub, npm, AWS, and GitHub installation tokens. Despite the initial fear surrounding the scale of the attack—given the thousands of repositories dependent on the affected GitHub Action—closer inspection revealed that the impact was more limited than anticipated. The majority of leaked tokens were temporary GITHUB_TOKENs, which expire at the end of a workflow run.

Complicating matters further, it was later uncovered that another GitHub Action, "reviewdog/action-setup," which "tj-actions/changed-files" relies on, had also experienced a similar compromise prior to the tj-actions incident. This particular breach was tracked as CVE-2025-30154, also rated at 8.6 for its severity. The exploitation of this vulnerability enabled the threat actor to obtain a personal access token (PAT) for "tj-actions/changed-files," which facilitated modifying the repository and adding malicious code to the GitHub workflows.

The attacker's modus operandi involved preserving anonymity through various techniques, including creating multiple temporary user accounts and obfuscating their actions within workflow logs. Unit 42’s research suggested the attacker may have concealed their original GitHub account by switching from a legitimate email to a disposable one, which could mask their activities from scrutiny.

GitHub has not confirmed the nature of the attack vector but stated it is actively examining the situation. No evidence has surfaced suggesting an overall compromise of GitHub itself; the affected projects were identified as user-managed open-source contributions.

In summary, as highlighted by Unit 42, the current situation underscores the ongoing vulnerabilities present in CI/CD environments and the critical need for developers to maintain vigilance over third-party dependencies. The evolving nature of this attack—initially focused narrowly on a single project before scaling up—indicates an adaptive strategy from the adversaries, possibly motivated by a desire for financial gain through cryptocurrency theft, especially given the targeting of Coinbase.

The incident serves as a stark reminder to the development community to exercise caution when integrating external actions into their workflows, ensuring rigorous security assessments and oversight.
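One concrete form of that oversight is auditing workflow files for third-party actions referenced by a mutable tag or branch instead of a full commit SHA, since a mutable reference is exactly what lets a later compromise of the action's repository flow into every workflow that uses it. The audit below is an added example, not code from the article or from Unit 42; the workflow it scans is constructed, and the hexadecimal SHA in it is a placeholder, not a real commit.

```python
import re
from typing import Dict, List

# Constructed sample workflow (not from the page); mixes pinned, unpinned and local references.
# The 40-hex value is a placeholder, not a real reviewdog commit.
SAMPLE_WORKFLOW = """\
name: ci
on: [pull_request]
permissions:
  contents: read
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: tj-actions/changed-files@v45
      - uses: reviewdog/action-setup@0123456789abcdef0123456789abcdef01234567
      - uses: ./.github/actions/local-step
      - run: make test
"""

# Actions named in the incident described above; worth a review wherever they appear,
# even when pinned, because the pinned commit itself must be verified as a clean one.
INCIDENT_ACTIONS = {"tj-actions/changed-files", "reviewdog/action-setup"}

USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)", re.MULTILINE)
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def audit_workflow(text: str) -> List[Dict[str, str]]:
    """Return one finding per third-party action reference that is not pinned to a
    full-length commit SHA, plus a review note for actions named in the incident.
    Local (./) and docker:// references are skipped."""
    findings: List[Dict[str, str]] = []
    for ref in USES_RE.findall(text):
        if ref.startswith("./") or ref.startswith("docker://"):
            continue
        name, _, version = ref.partition("@")
        action = "/".join(name.split("/")[:2])  # owner/repo, dropping any sub-path
        shown = version or "(none)"
        if not FULL_SHA_RE.match(version):
            findings.append({"action": action, "ref": shown,
                             "issue": "mutable ref; pin to a full commit SHA"})
        if action in INCIDENT_ACTIONS:
            findings.append({"action": action, "ref": shown,
                             "issue": "named in the tj-actions/reviewdog incident; verify the pinned commit"})
    return findings


if __name__ == "__main__":
    for f in audit_workflow(SAMPLE_WORKFLOW):
        print(f"{f['action']}@{f['ref']}: {f['issue']}")
```

Pinning is only half of the check: a SHA that was itself pushed by the attacker is still malicious, which is why the actions from this incident are flagged for review regardless of how they are referenced.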

