A critical security incident has been uncovered involving the popular GitHub Action tj-actions/changed-files, which is used in over 23,000 repositories. The attack involves a malicious modification of the Action’s code, leading to the exposure of CI/CD secrets in GitHub Actions build logs. This vulnerability was detected by StepSecurity’s Harden-Runner, a tool designed to secure CI/CD […] The post Supply Chain Attack Targets 23,000 GitHub Repositories appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/supply-chain-attack-targets/
