Cybersecurity researchers have uncovered a major security breach involving the tj-actions/changed-files GitHub Action, which is used in over 23,000 repositories. The attack, assigned CVE-2025-30066 (CVSS 8.6), exposed CI/CD secrets by modifying the action’s code and updating version tags to reference a malicious commit.

The compromised action printed sensitive secrets, including AWS access keys, GitHub Personal Access Tokens (PATs), npm tokens, and RSA keys in GitHub Actions build logs. If logs were publicly accessible, attackers could have retrieved these secrets. However, there is no evidence that any were exfiltrated.

The attack originated from an unverified source code commit, which injected a Python script hosted on a GitHub gist. The gist has since been removed. Researchers say the malicious payload was “carefully concealed” to evade detection.

The attackers compromised a GitHub PAT used by @tj-actions-bot, which had privileged access to the repository. Following the breach, maintainers revoked the token, upgraded authentication to a passkey, and limited permissions to prevent future attacks. GitHub has also revoked the compromised PAT:

“The Personal access token affected was stored as a GitHub action secret which has since been revoked. Going forward no PAT would be used for all projects in the tj-actions organization to prevent any risk of reoccurrence.”

Users are urged to update to version 46.0.1 immediately and review workflows executed between March 14 and 15 for unexpected output in the changed-files section.

This is not the first security issue affecting the project. A previous flaw (CVE-2023-49291, CVSS 9.8) was discovered in January 2024, highlighting ongoing risks in open-source software supply chains.