The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm over a critical supply-chain attack affecting a widely used third-party GitHub Action: tj-actions/changed-files. This action, exploited under CVE-2025-30066, is designed to identify changes in files during pull requests or commits. However, its compromise poses a significant risk to users by allowing unauthorized access to […]

The post CISA Warns of Supply-Chain Attack Exploiting GitHub Action Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/cisa-warns-github-action-vulnerability/