FYI: https://semgrep.dev/blog/2025/popular-github-action-tj-actionschanged-files-is-compromised/
https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised
Semgrep
Semgrep | 🚨 Popular GitHub Action tj-actions/changed-files is compromised
Popular GitHub Action tj-actions/changed-files has been compromised with a payload that appears to attempt to dump secrets, impacting thousands of CI pipelines.
"Programming Is Like S*x: One mistake and you have to support it for the rest of your life." - Michael Sinz