The tj-actions/changed-files GitHub Action supply chain attack in March 2025 exposed CI/CD secrets across 23,000 repositories, initially targeting Coinbase
On March 14, 2025, attackers compromised the tj-actions/changed-files GitHub Action (used by more than 23,000 repositories) by stealing a personal access token from the @tj-actions-bot account, then moved all existing version tags to point at malicious code that dumped the memory of the CI/CD runner, exposing access keys, GitHub PATs, npm tokens, and private RSA keys from every repository that ran the action.

Why it matters: thousands of repositories' secrets were written to public workflow logs, where attackers could harvest credentials for downstream systems including cloud providers and package registries; compromised npm tokens could then be used to publish malicious versions of legitimate packages; a single compromised GitHub Action thus became a cascading supply chain attack vector across the entire ecosystem; and the incident demonstrated that GitHub's tag-based versioning model for Actions provides no integrity guarantees.

The structural root cause is that GitHub Actions' versioning system allows maintainers (or attackers with maintainer access) to retroactively change which code a version tag points to, and the ecosystem convention of pinning to major version tags (e.g., @v45) rather than immutable commit SHAs means a single compromised PAT can silently replace trusted code across thousands of CI/CD pipelines at once.
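The tag-versus-SHA point is easiest to see in a workflow file. The Python script below is an added example, not code from the original page or from the tj-actions project. It embeds two constructed workflow snippets, one that pins actions to mutable tags (the pattern the attack abused) and one that pins them to full 40-character commit SHAs, and a small auditor that flags every `uses:` reference not pinned to a full commit SHA. The SHA values in the hardened snippet are placeholders, not the project's real commit hashes; in practice the SHA is copied from the release page of the version being pinned (v46.0.1 in the case discussed above) and recorded in a trailing comment so the version stays readable. Short SHAs, branch names and tags are all reported as unpinned, since none of them is immutable.

```python
import re
from typing import NamedTuple

# A `uses:` line: optional list dash, the target (owner/repo[/path]@ref), optional trailing comment.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)\s*(#.*)?$")
# Only a full 40-hex commit SHA counts as an immutable pin.
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


class ActionRef(NamedTuple):
    line_no: int
    action: str   # e.g. "tj-actions/changed-files"
    ref: str      # whatever follows '@' (tag, branch, short SHA or full SHA)
    pinned: bool  # True only when ref is a full 40-hex commit SHA


def audit_workflow(text: str) -> list[ActionRef]:
    """Return every remote action reference in a workflow, marking whether it is SHA-pinned."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        m = USES_RE.match(line)
        if not m:
            continue
        target = m.group(1).strip("'\"")
        # Local (./path) and container (docker://) references are not GitHub tag references.
        if target.startswith(("./", "docker://")):
            continue
        action, _, ref = target.partition("@")
        findings.append(ActionRef(line_no, action, ref, bool(FULL_SHA_RE.match(ref))))
    return findings


def unpinned(text: str) -> list[ActionRef]:
    """The subset of references a tag rewrite could silently redirect."""
    return [f for f in audit_workflow(text) if not f.pinned]


# Constructed sample: the weak pattern, pinned to mutable major-version tags.
WEAK_WORKFLOW = """\
name: ci
on: [pull_request]
jobs:
  changed:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Get changed files
        uses: tj-actions/changed-files@v45
"""

# Constructed sample: the hardened pattern. The SHAs are PLACEHOLDERS, not real commits;
# the comment after each records the human-readable version that SHA was taken from.
HARDENED_WORKFLOW = """\
name: ci
on: [pull_request]
jobs:
  changed:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567  # v4 (placeholder SHA)
      - name: Get changed files
        uses: tj-actions/changed-files@fedcba9876543210fedcba9876543210fedcba98  # v46.0.1 (placeholder SHA)
"""


def report(name: str, text: str) -> None:
    bad = unpinned(text)
    print(f"{name}: {len(bad)} unpinned reference(s)")
    for f in bad:
        print(f"  line {f.line_no}: {f.action}@{f.ref} -> pin to a full commit SHA")


if __name__ == "__main__":
    report("weak", WEAK_WORKFLOW)
    report("hardened", HARDENED_WORKFLOW)
```

Running the script over a real repository means feeding it each file under `.github/workflows/`; a non-empty `unpinned` result is the condition a pre-merge check should fail on. Note that SHA pinning removes the tag-rewrite vector but not the need to review what the pinned commit actually contains, and a pinned SHA still has to be bumped deliberately when a fixed release (here v46.0.1) ships.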
Evidence
CISA issued alert AA25-077A on March 18, 2025 for CVE-2025-30066 (tj-actions/changed-files) and CVE-2025-30154 (reviewdog/action-setup). Palo Alto Unit 42's investigation traced the attack to an initial targeted campaign against Coinbase repositories. Wiz, Semgrep, and Hunters Security independently confirmed all versions through 45.0.7 were affected. The attack was enabled by a cascading compromise starting from reviewdog/action-setup@v1. The fix was released in v46.0.1. As reported by Cybersecurity Dive, the attack was described as one of the largest GitHub Actions supply chain compromises to date.