GitHub Supply Chain Attack: CVE-2025-30066 and CVE-2025-30154 Expose Secrets Across 218 Repositories

Published: March 25, 2025
Supply Chain Attack on GitHub Action

A major supply chain attack has exposed sensitive CI/CD secrets in GitHub Action tj-actions/changed-files, known as CVE-2025-30066, across 218 repositories.

This incident has raised significant concerns about security and is connected to an earlier attack on the other GitHub Action, reviewdog/action-setup@v1, tracked as CVE-2025-30154.

While only 4% of the 5,416 repositories that were affected had secrets leaked, the damage is severe. Some of the repositories compromised have hundreds of thousands of stars and tens of thousands of forks, which all increase the risk of supply chain attacks.

Timeline of the Attack:

  • March 11, 2025: Attackers compromise reviewdog/action-setup@v1 which could have obtained a GitHub personal access token (PAT) for the bot configured to manage tj-actions/changed-files.
  • March 14, 2025 (4:00 PM UTC): Attackers create a malicious commit to tj-actions/changed-files that allows the code to dump CI/CD secrets into publicly viewable logs.
  • March 15, 2025 (2:00 PM UTC): GitHub removes the Action that generated the leaked secrets.
  • March 15, 2025 (10:00 PM UTC): The repository is restored but the damage is done.
  • March 19, 2025: Security researchers confirm multiple additional reviewdog actions are likely compromised.
  • March 20, 2025: Cyber Security organizations including CISA advise organizations to rotate secrets and audit workflows.

Scope of the Breach

The GitHub Action supply chain attack affected tj-actions/changed-files, a popular and widely used repository that impacted thousands of software projects.

According to Endor Labs, the attack compromised 5,416 repositories used by 4,072 organizations. 614 repositories ran workflows that incorporated the malicious action.

218 repositories were found to have exposed credentials (e.g., GitHub tokens) in publicly accessible logs.

While this number is small considering that more than 23,000 repositories are using the compromised action, the security implications are concerning.

Some of the affected repositories have more than 350,000 stars and over 63,000 forks, indicating that an attack success could lead to additional potential supply chain attacks against a broader swath of developers or organizations.

Also Read:
Researchers Demo New CI/CD Attack in PyTorch Supply-Chain that Exploiting GitHub Self-Hosted Action Runner

What Was Leaked?

The compromised credentials were primarily GitHub tokens, which are set to expire within 24 hours.

Other credentials included AWS keys, npm tokens, DockerHub credentials, and private RSA keys, which pose multi-layered security risks as they could be potentially exposed for years.

Link to Reviewdog Attack (CVE-2025-30154)

Security researchers ultimately traced the compromise of tj-actions/changed-files to an earlier supply chain attack on reviewdog/action-setup@v1, which occurred on March 11, 2025.

Also Read: CyberLink Breached Through Supply Chain Attack By North Korean Hackers

The reviewdog attack exposed a GitHub PAT used by a bot, allowing attackers to alter tj-actions/changed-files. With the connection between the two attacks, experts suggest that there may be consequences for other GitHub Actions as well.

Reviewdog actions that may be compromised include:

  • reviewdog/action-shellcheck
  • reviewdog/action-composite-template
  • reviewdog/action-staticcheck
  • reviewdog/action-ast-grep
  • reviewdog/action-typos

This indicates a broader supply chain attack campaign, where attackers have compromised one GitHub Action and used the information to compromise another.

Mitigation and Security Recommendations

To mitigate impacts associated with the GitHub Action supply chain attack and to take steps to avoid similar incidents, organizations need to take immediate security action.

Organizations should rotate any secrets that have been exposed in affected repositories, such as GitHub tokens, AWS keys, and npm credentials, in order to prevent further unauthorized access.

Recommended: NIST Supply Chain Security Guidance for CI/CD Environments

Developers should also audit their CI/CD workflows for any unexpected output in the ‘changed-files’ section of those workflows and verify that compromised commits are not referenced in the workflows at all.

GitHub recommends updating workflows to reference specific commit SHAs in the workflow instead of mutable tags (e.g., v1 or latest), which limits an attacker’s ability to inject malicious code into an already tagged version.

In addition, logs for workflows should be configured as private so that credential information is not leaked in logs that are publicly accessible.

Organizations should put in place strict pipeline access controls–to determine who can modify and execute GitHub Actions for their repositories-long term.

This can be combined with a trusted GitHub action allow-listing approach to limit the options available to any potentially unwanted or compromised external third-party tools from being in a workflow.

Security teams should regularly review GitHub Personal Access Tokens (PATs) and enforce multi-factor authentication (MFA) for developers with elevated permission or access.

The Cybersecurity and Infrastructure Security Agency (CISA) has included CVE-2025-30066 in its Known Exploited Vulnerabilities Catalog. It encourages all affected users to report any suspicious activity or breaches as soon as possible.

Finally, as they move forward, development teams should watch for security advisories and proactively implement GitHub’s security hardening best practices to reduce the risk of future supply-chain attacks.

Conclusion

In order to ensure a secure software ecosystem and to defend against supply chain attacks, your organization should proactively use DigiCert Software Trust Manager.

The DigiCert portfolio provides enterprise-hardened secure code signing, threat detection scanning, and CI/CD pipeline automation services to help explicitly manage the integrity of your software supply chain.

DigiCert is a leading software and code signing provider, securing more than 90% of the world’s software supply chains, inoculating organizations against unauthorized access and malware through role-based permission controls and deep insights into software binaries, all while managing complex DLP policies.

Protecting your business begins now—using DigiCert Software Trust Manager to mobilize your users to safeguard a secure, policy-driven software security strategy.

Also Read: What is a Software Bill of Material? SBOM and Supply Chain Security

Don’t leave your software vulnerable in the “trust and understand but looking away” category, consider an upgrade or integration with DigiCert Software Trust Manager to protect, and take action to deploy and fend off new threats to supply chains.

Cyber Security

Trusted Code Signing Certificates

Prevent Code Tampering and Authenticate Code Integrity by Digitally Sign your Code with Trusted Code Signing Certificates.

Get Code Signing Certificate

Related posts:

  1. Researchers Demo New CI/CD Attack in PyTorch Supply-Chain that Exploiting GitHub Self-Hosted Action Runner
  2. CyberLink Breached Through Supply Chain Attack By North Korean Hackers
  3. What Is Software Supply Chain Security? Comprehensive Guide
  4. What is a Software Bill of Material? SBOM and Supply Chain Security
Janki Mehta

Janki Mehta

Janki Mehta is a Cyber-Security Enthusiast who constantly updates herself with new advancements in the Web/Cyber Security niche. Along with theoretical knowledge, she also implements her practical expertise in day-to-day tasks and helps others to protect themselves from threats.

Leave a comment

Your email address will not be published. Required fields are marked *