GitHub restores code following malicious changes to tj-actions tool


GitHub was forced to take action this weekend to help users after a threat actor compromised a popular open source package used by more than 23,000 organizations. 

On Friday, cybersecurity firm StepSecurity warned of a security incident impacting the tj-actions/changed-files GitHub Action, a popular tool used to track file changes and trigger other actions depending on those alterations. The tool has more than 1 million monthly downloads.

According to StepSecurity, the attackers modified code in tj-actions/changed-files that affected public repositories and leaked secrets in logs.

The bug, referred to as CVE-2025-30066, allowed remote attackers to expose Continuous Integration and Continuous Deployment (CI/CD) secrets through the action’s build logs and impacts any users who rely on the tj-actions/changed-files action to track changed files within a pull request. 

If logs are publicly accessible, such as in public repositories, unauthorized users could access and retrieve the clear-text secrets, experts at Aqua Security explained.

By Saturday, GitHub says it stepped in to address the issue. A spokesperson told Recorded Future News that there is no evidence to suggest a compromise of GitHub or its systems. 

“TJ-actions is a user-maintained open source project. Out of an abundance of caution, we suspended user accounts and removed the content in accordance with GitHub’s Acceptable Use Policies,” the spokesperson explained. 

“We reinstated the account and restored the content after confirming that all malicious changes have been reverted and the source of compromise has been secured. Users should always review GitHub Actions or any other package that they are using in their code before they update to new versions. That remains true here as in all other instances of using third party code.”

By 10pm Saturday, the code was restored to its original form, but it is still unclear who changed it and why. Some of the maintainers said a bot with access to tj-actions/changed-files had its GitHub personal access token stolen by the attackers.

Wiz Threat Research said it has “identified dozens of repositories affected by the malicious GitHub action, including repos operated by large enterprise organizations.” 

“Some of the leaked secrets we’ve identified so far include valid AWS access keys, GitHub Personal Access Tokens (PATs), npm tokens, private RSA keys and more.”

Another security firm that examined the issue, Endor Labs, added that they “have no evidence that any downstream open source library or containers has been impacted at this time.”

Several experts who spoke to Recorded Future News said GitHub’s CI/CD ecosystem is a high-value target for hackers seeking to inject malicious code.

Sectigo’s Jason Soroko explained that the incident “exposes systemic vulnerabilities inherent in third-party dependencies and the automation pipeline.”

“Security professionals must audit their repositories for usage of the compromised Action and replace or remove it entirely, rotating all potentially exposed secrets including AWS keys, GitHub PATs, npm tokens, and RSA keys,” he said.  
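The audit Soroko describes starts with finding every workflow that references the action and checking how it is referenced. The script below is an added example, not code from the article or from any of the firms quoted in it. It scans workflow text for `uses:` lines, reports any reference to `tj-actions/changed-files`, and also flags any third-party action referenced by a mutable tag or branch rather than a full 40-character commit SHA (a tag can be moved to new code; a commit SHA cannot). The workflow contents and the SHA are constructed for the example; in practice you would read the files under `.github/workflows/` of each repository.

```python
import re

# Constructed sample workflows (not from the article). ci.yml uses a mutable
# tag; release.yml pins the same action to a (made-up) commit SHA.
SAMPLE_WORKFLOWS = {
    ".github/workflows/ci.yml": """
name: CI
on: [pull_request]
jobs:
  changes:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Detect changed files
        uses: tj-actions/changed-files@v45
""",
    ".github/workflows/release.yml": """
jobs:
  build:
    steps:
      - uses: tj-actions/changed-files@0123456789abcdef0123456789abcdef01234567  # constructed SHA
      - uses: ./.github/actions/local-step
      - uses: docker://alpine:3.19
""",
}

# Name of the action the article reports as compromised.
COMPROMISED_ACTION = "tj-actions/changed-files"

# Matches `uses: owner/repo@ref` (optionally quoted); stops at whitespace, quotes or a comment.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^\s'\"#]+)")
# A full commit SHA: 40 lowercase hex characters.
SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def parse_uses(text):
    """Return a list of (action, ref) pairs for every `uses:` line in a workflow.

    Local composite actions (./path) and docker:// images are returned with
    ref=None because they are not marketplace references that can be pinned.
    """
    pairs = []
    for line in text.splitlines():
        match = USES_RE.match(line)
        if not match:
            continue
        spec = match.group(1)
        if spec.startswith("./") or spec.startswith("docker://"):
            pairs.append((spec, None))
            continue
        action, _, ref = spec.partition("@")
        pairs.append((action, ref or None))
    return pairs


def audit(workflows):
    """Audit a {path: workflow_text} mapping.

    Returns one finding per third-party action reference that is either the
    compromised action (any ref) or is not pinned to a full commit SHA.
    Findings are ordered so the compromised action comes first.
    """
    findings = []
    for path, text in workflows.items():
        for action, ref in parse_uses(text):
            if action.startswith("./") or action.startswith("docker://"):
                continue  # not a remote action; nothing to pin
            pinned = bool(ref and SHA_RE.match(ref))
            compromised = action.lower() == COMPROMISED_ACTION
            if compromised or not pinned:
                findings.append({
                    "file": path,
                    "action": action,
                    "ref": ref,
                    "pinned": pinned,
                    "compromised": compromised,
                })
    findings.sort(key=lambda f: (not f["compromised"], f["file"]))
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE_WORKFLOWS):
        status = "COMPROMISED ACTION" if f["compromised"] else "unpinned ref"
        print(f"{f['file']}: {f['action']}@{f['ref']} -> {status}"
              + (" (pinned to SHA)" if f["pinned"] else ""))
```

Every hit on the compromised action should be treated as a reason to rotate the secrets available to that workflow, as the quoted advice says, regardless of whether the reference was pinned: a pinned SHA only tells you which code ran, not whether that run already exposed secrets in logs. The unpinned-reference findings are the longer-term fix, since replacing mutable tags with commit SHAs limits what a stolen maintainer token can silently push into your pipeline.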

Others, like Salt Security director Eric Schwake, noted that the incident was a prime example of why security teams must stay concerned about widely used and seemingly harmless tools being misused as vectors for attack.

Some experts suggested developers have a policy that requires all submissions be signed — noting that the changes made to tj-actions/changed-files were unverified. Allon Mureinik, senior software engineering manager at Black Duck, said this would add overhead and potentially scare away novice developers but may have prevented this kind of attack. 

Mureinik told Recorded Future News that a GitHub Action is ultimately a piece of software, and like any piece of software there are solutions to ensure that the version being used is patched and up to date.  

“While it may be tempting to shrug all these considerations off as ‘the platform’s problem,’ the responsibility to ensure the security of a software project lies with those who build it, whether it’s built locally or by using a third-party service like GitHub,” Mureinik said.


Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.
