cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
akkem
Newcomer III

GitHub Actions Supply Chain Compromise - tj-actions

tj-actions/changed-files, has been compromised with a payload that appears to attempt to dump secrets, impacting thousands of CI pipelines.

 

https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromi...

https://www.upwind.io/feed/github-actions-supply-chain-compromise-tj-actions-changed-files-action

 

0 Replies