Urgent Security Advisory: Vulnerability CVE-2025-30066 Found in tj-actions/changed-files GitHub Action

Critical Security Flaw Discovered in Popular GitHub Action: Immediate Update Required

A significant security vulnerability, designated CVE-2025-30066, has been identified in the widely utilized GitHub Action tj-actions/changed-files, exposing sensitive information such as GitHub Personal Access Tokens (PATs), npm tokens, and private RSA keys. The vulnerability, which poses a threat to countless developers and organizations, was patched in version 46.0.1. Users are strongly urged to update immediately to safeguard their workflows and repositories.

Contents

Urgent Security Advisory: Vulnerability CVE-2025-30066 Found in tj-actions/changed-files GitHub Action Critical Security Flaw Discovered in Popular GitHub Action: Immediate Update Required What Happened?CISA’s Warning and Recommended Actions Staying Secure

What Happened?

The tj-actions/changed-files action, essential for tracking file modifications in pull requests and commits, was compromised between March 14 and March 15, 2025. Malicious actors altered previous safe versions (v1 through v45.0.7) to point to a harmful commit, allowing them to access logs that could lead to sensitive credential theft. The issue was discovered by StepSecurity Harden-Runner, leading to a swift response from both GitHub and the action’s maintainer.

CISA’s Warning and Recommended Actions

The Cybersecurity and Infrastructure Security Agency (CISA) has flagged CVE-2025-30066 in its Known Exploited Vulnerabilities Catalog, underscoring the severity of the incident. Users who engaged with tj-actions/changed-files during the affected timeframe are advised to review their workflows for any suspicious activity, update to the patched version immediately, and rotate any exposed credentials as a precautionary measure.

Staying Secure

This incident serves as a stark reminder of the vulnerabilities inherent in third-party dependencies. Cybersecurity experts recommend regular dependency audits, enabling GitHub’s security features, and restricting permissions for third-party actions to the principle of least privilege. By proactively managing security risks, developers and organizations can better protect themselves against future supply chain attacks.

With the ever-evolving cyber threat landscape, staying vigilant is key to maintaining the integrity of development processes.

Update Your GitHub Workflows Without Delay

Urgent Security Advisory: Vulnerability CVE-2025-30066 Found in tj-actions/changed-files GitHub Action

Critical Security Flaw Discovered in Popular GitHub Action: Immediate Update Required

What Happened?

CISA’s Warning and Recommended Actions

Staying Secure

Related articles

CrowdStrike Unveils Agentic AI: Introducing Charlotte AI Detection Triage – Intelligent CISO

The Thames Valley CCTV Partnership Boosts Public Safety with Genetec – Intelligent CISO

Oracle’s Isolated Cloud to Enhance Singapore’s Defense Initiatives

Recent articles

Dark Web’s Sinister Deal: Account Hacking Available for $450 | Ahmedabad News

Exploring Opportunities and Risks: A Forward-Looking Security Review

CrowdStrike Unveils Agentic AI: Introducing Charlotte AI Detection Triage – Intelligent CISO

Gozney Tread Pizza Oven Review: Sleek and Space-Saving Excellence

Latest Updates

Dark Web’s Sinister Deal: Account Hacking Available for $450 | Ahmedabad News

Exploring Opportunities and Risks: A Forward-Looking Security Review

CrowdStrike Unveils Agentic AI: Introducing Charlotte AI Detection Triage – Intelligent CISO

Gozney Tread Pizza Oven Review: Sleek and Space-Saving Excellence