Supply Chain Attackshigh

GitHub Actions Supply Chain: tj-actions Breach Exposes CI Secrets of 23,000 Repositories

The widely used tj-actions/changed-files GitHub Action was compromised, causing it to print CI/CD secrets — including AWS keys, API tokens, and passwords — to public GitHub Action logs where anyone could read them.

tj-actions / GitHub Actions Ecosystem·2023·2 min read

Background

GitHub Actions are reusable workflow components. tj-actions/changed-files was used in over 23,000 repositories to detect which files changed in a pull request. GitHub Actions run in the CI/CD pipeline context with access to all workflow secrets.

The Attack

In March 2023, attackers compromised a personal access token belonging to the maintainer of tj-actions/changed-files. They modified the action to dump the runner's memory to the GitHub Actions log, which included all environment variables and secrets available to the workflow. Because GitHub Actions logs are public for public repositories, anyone could read the extracted secrets. The malicious modification affected all versions of the action via its floating version tags. Researchers traced the attack to a compromised Canonical token in a prior attack.

Response

Researcher Adnan Khan discovered the compromise on March 14, 2023. GitHub immediately suspended the tj-actions account. Thousands of repository owners were notified. Security teams urgently scanned public GitHub Action logs for exposed secrets and rotated credentials.

Outcome

The incident affected over 23,000 repositories. The practice of using floating version tags (v1, v2) for GitHub Actions rather than pinned SHA commits meant a single compromise updated all users simultaneously. The incident drove widespread adoption of pinned action SHA references.

Key Takeaways

  1. Pin GitHub Actions to specific commit SHAs, never to floating version tags — a floating tag update can immediately affect all users
  2. GitHub Actions logs are public for public repositories — never allow secrets to be printed to logs
  3. Personal access tokens for action maintainers are critical infrastructure that need hardware MFA and scope limitations
  4. Audit public GitHub Action logs for accidentally exposed secrets immediately after any action compromise is announced

How to Prevent This

All guides
intermediate

Pin GitHub Actions to specific commit SHAs, never to floating version tags

GitHub Actions version tags (uses: actions/checkout@v4) are mutable — the action maintainer can change what v4 points to at any time, or have their account compromised. The tj-actions breach demonstrated this: a compromised action was immediately applied to all 23,000 repositories using it via floating tag. Pin actions to the specific commit SHA that you have reviewed (uses: actions/checkout@abc123def456). The full SHA is immutable — it cannot be changed retroactively. Use a tool like Dependabot or Renovate to open pull requests when pinned SHA versions need updating, giving you review control.

See: GitHub Actions tj-actions BreachSupply Chain Security
GitHub ActionsCI/CDfloating tagssecrets exposureaction compromise

More in Supply Chain Attacks

2020critical

SolarWinds Supply Chain Attack

2 min readSupply Chain Attacks
2011critical

RSA SecurID: When Two-Factor Authentication Gets Hacked

2 min readSupply Chain Attacks
2021critical

Kaseya VSA: Ransomware Delivered to 1,500 Businesses in One Hit

2 min readSupply Chain Attacks