Changed Files
Monthly
tj-actions/changed-files GitHub Action was compromised in a supply chain attack where modified tags pointed to credential-stealing code, exposing secrets from GitHub Actions workflows across thousands of repositories.
tj-actions/changed-files is a Github action to retrieve all files and directories. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
tj-actions/changed-files GitHub Action was compromised in a supply chain attack where modified tags pointed to credential-stealing code, exposing secrets from GitHub Actions workflows across thousands of repositories.
tj-actions/changed-files is a Github action to retrieve all files and directories. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.