More details have come to light on the recent supply chain hack targeting GitHub Actions, including the root cause of the incident and its scope.
The attack came to light late last week, when it was discovered that the code of a GitHub action named ‘tj-actions/changed-files’, which is actively used by over 23,000 repositories for tracking file and directory changes, had been modified to execute a malicious script designed to dump CI/CD secrets to build logs.
Threat actors could then obtain the leaked secrets from these logs and leverage them for further attacks. However, to date there does not appear to be any evidence of the collected data actually being exfiltrated.
[...]
Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed
Robert B. Carleton + ISC2 Central Mississippi Secretary
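
For anyone checking whether their own repositories reference the action named in the excerpt, here is an added example (not from the article or from the tj-actions project) that scans workflow files for `tj-actions/changed-files` and reports whether each reference is pinned to a full commit SHA or follows a tag or branch name. The function names, the sample workflow, its `v45` tag and its SHA are all constructed for illustration.

```python
import re
from pathlib import Path

ACTION = "tj-actions/changed-files"  # action named in the article
# Matches `uses: owner/repo[/path]@ref`, optionally quoted; stops before a trailing comment.
USES_RE = re.compile(r"""^\s*(?:-\s*)?uses:\s*['"]?([^@\s'"#]+)@([^\s'"#]+)""")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")

def find_action_refs(text, action=ACTION):
    """Return (line_no, ref, pinned_to_sha) for every step that uses `action`."""
    hits = []
    for no, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):  # skip commented-out steps
            continue
        m = USES_RE.match(line)
        if not m:
            continue
        name, ref = m.group(1).lower(), m.group(2)
        if name == action or name.startswith(action + "/"):
            hits.append((no, ref, bool(FULL_SHA_RE.match(ref))))
    return hits

def scan_repo(root):
    """Scan .github/workflows/*.yml and *.yaml under root; return {path: hits}."""
    results = {}
    wf = Path(root) / ".github" / "workflows"
    for path in sorted(wf.glob("*.y*ml")) if wf.is_dir() else []:
        hits = find_action_refs(path.read_text(encoding="utf-8", errors="replace"))
        if hits:
            results[str(path)] = hits
    return results

# Constructed sample workflow (tag and SHA are made up, not from the article).
SAMPLE = """\
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - id: changed
        uses: tj-actions/changed-files@v45
      - uses: tj-actions/changed-files@0123456789abcdef0123456789abcdef01234567  # constructed
      # - uses: tj-actions/changed-files@v1
"""

if __name__ == "__main__":
    for no, ref, pinned in find_action_refs(SAMPLE):
        print(f"line {no}: ref={ref} pinned_to_sha={pinned}")
```

Call `scan_repo(".")` from the root of a checkout to list every workflow file that references the action.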