<ul><li>Attackers compromised the popular GitHub Action tj-actions/changed-files, used in over 23,000 repositories, leading to a security vulnerability.</li><li>GitHub Actions are workflow patterns that automate common DevOps tasks triggering when specific events occur on GitHub.</li><li>The tj-actions/changed-files GitHub Action was infected with malicious code, disguised as the updateFeatures function.</li><li>Lessons from the incident include the need for information-security hygiene throughout the entire software development lifecycle and proper secrets management in GitHub Actions.</li></ul>

Supply chain attack via GitHub Action | Kaspersky official blog

Discover more