A critical security incident involving the tj-actions/changed-files GitHub Action has been reported.
The changed-files action, which allows GitHub repositories to track file changes, has been tampered with to allow the exposure through GitHub Actions build logs of CI/CD secrets, including passwords, tokens, API keys, PII and other sensitive data that have been embedded within software code. Workflow logs that are made publicly accessible, such as those for public repositories, could allow attackers to obtain exposed secrets for further malicious actions. The issue is tracked as a high-severity vulnerability under CVE-2025-30066.
Read more…
Source: NHS Digital
Related:
- Router Network Isolation Broken By Covert Data Exfiltration
August 18, 2019
Software-based network isolation provided by routers is not as efficient as believed, as hackers can smuggle data between the networks for exfiltration. Most modern routers offer the possibility to split the network into multiple segments that work separately. One example is a guest network that works in parallel with the host. The boundary insulates sensitive or critical ...
- British Airways E-Ticketing Flaw Exposes Passenger Flight, Personal Data
August 13, 2019
A vulnerability in British Airways’ e-ticketing system could enable a bad actor to view passengers’ personal data or change their booking information. A security bug discovered in British Airways’ e-ticketing system has the potential to expose passengers’ data, including their flight booking details and personal information. Researchers on Tuesday said that check-in links being sent by British ...
- Microsoft names top security researchers, zero-day contributors
August 9, 2019
At the Black Hat security conference in Las Vegas, Microsoft announced the top security researchers and enterprise partners who contributed the most vulnerability and zero-day reports affecting the company’s products. Microsoft’s list of top contributors has become a Black Hat tradition, and many industry experts use it as a guide to today’s top bug hunters. Security researchers ...
- Three major vulnerabilities found in Cisco SMB switches
August 7, 2019
Three of Cisco’s most popular switches for SMBs contain serious security flaws that could allow a hacker to remotely access the device and infiltrate an organisation’s network. The critical vulnerabilities, which affect Cisco’s Small Business 220 Series of smart switches, include a remote code execution (RCE) bug rated 9.8/10 by Cisco in terms of threat severity, an authentication bypass rated 9.1/10 ...
- KDE Linux Desktops Could Get Hacked Without Even Opening Malicious Files
August 7, 2019
If you are running a KDE desktop environment on your Linux operating system, you need to be extra careful and avoid downloading any “.desktop” or “.directory” file for a while. A cybersecurity researcher has disclosed an unpatched zero-day vulnerability in the KDE software framework that could allow maliciously crafted .desktop and .directory files to silently run ...
- New Windows hack warning: Patch Intel systems now to block SWAPGSAttack exploits
August 6, 2019
A newly uncovered vulnerability affecting every Windows computer using an Intel processor built since 2012 could allow attackers to bypass safeguards and access information held in a system’s protected kernel memory. This new side-channel attack is built on previous research into other CPU vulnerabilities – such as Spectre and Meltdown – but this new vulnerability can bypass the ...