GitHub

A cascading supply chain attack that began with the compromise of the “reviewdog/action-setup@v1” GitHub Action is believed to have led to the recent breach of “tj-actions/changed-files” that leaked CI/CD secrets.

Last week, a supply chain attack on the tj-actions/changed-files GitHub Action caused malicious code to write CI/CD secrets to the workflow logs for 23,000 repositories. If those logs had been public, then the attacker would have been able to steal the secrets.

The tj-actions developers cannot pinpoint exactly how the attackers compromised a GitHub personal access token (PAT) used by a bot to perform malicious code changes.

Today, Wiz researchers think they may have found the answer in the form of cascading supply chain attacks that started with another GitHub action named ‘reviewdog/action-setup.’

The cybersecurity firm reports that the attackers first compromised the v1 tag for the reviewdog/action-setup GitHub action and injected similar code to dump CI/CD secrets to log files.

As tj-actions/eslint-changed-files utilizes the reviewdog/action-setup action, it is believed that the compromised action was used to dump tj-action’s personal access token and steal it.

“We believe that it is likely the compromise of reviewdog/action-setup is the root cause of the compromise of the tj-actions-bot PAT,” explains Wiz in the report.

“tj-actions/eslint-changed-files uses reviewdog/action-setup@v1, and the tj-actions/changed-files repository runs this tj-actions/eslint-changed-files Action with a Personal Access Token.”

“The reviewdog Action was compromised during roughly the same time window as the tj-actions PAT compromise.”

The attackers inserted a base64-encoded payload into install.sh, causing secrets from affected CI workflows to be exposed.

As in the case of tj-actions, the exposed secrets would be visible on public repositories as part of the workflow logs.

Supply chain attack overview
Supply chain attack overview
Source: Wiz

Apart from the reviewdog/action-setup@v1 tag that has been confirmed as breached, the following actions may also be impacted:

  • reviewdog/action-shellcheck
  • reviewdog/action-composite-template
  • reviewdog/action-staticcheck
  • reviewdog/action-ast-grep
  • reviewdog/action-typos

Wiz explains that the security breach at Reviewdog was remediated incidentally, but they informed the team and GitHub of their findings to prevent reoccurrence.

Though the exact method of the breach hasn’t been determined, Wiz comments that review dog maintains a large contributors base and accepts new members via automated invites, which naturally elevates the risk.

Notably, if the action remained compromised, a repeat attack on tj-actions/changed-files with a successful outcome would be practically possible, potentially exposing the just rotated CI/CD secrets.

Recommendations

Wiz suggests that potentially impacted projects run this GitHub query to check for references to reviewdog/action-setup@v1 in repositories.

If double-encoded base64 payloads are found in workflow logs, this should be taken as a confirmation their secrets were leaked.

Developers should immediately remove all references to affected actions across branches, delete workflow logs, and rotate any potentially exposed secrets.

To prevent similar compromises in the future, pin GitHub Actions to commit hashes instead of version tags and use GitHub’s allow-listing feature to restrict unauthorized actions.

Those supply chain attacks and leaked CI/CD secrets are bound to have a lasting effect on impacted projects, so quick action is required to mitigate the risks.

Update 3/19: Reviewdog team published a security advisory aknowledging the compromise and providing instructions for potentially impacted users.

.ia_ad {
background-color: #f0f6ff;
width: 95%;
max-width: 800px;
margin: 15px auto;
border-radius: 8px;
border: 1px solid #d6ddee;
display: flex;
align-items: stretch;
padding: 0;
overflow: hidden;
}

.ia_lef {
flex: 1;
max-width: 200px;
height: auto;
display: flex;
align-items: stretch;
}

.ia_lef a {
display: flex;
width: 100%;
height: 100%;
}

.ia_lef a img {
width: 100%;
height: 100%;
object-fit: cover;
border-radius: 8px 0 0 8px;
margin: 0;
display: block;
}

.ia_rig {
flex: 2;
padding: 10px;
display: flex;
flex-direction: column;
justify-content: center;
}

.ia_rig h2 {
font-size: 17px !important;
font-weight: 700;
color: #333;
line-height: 1.4;
font-family: Georgia, “Times New Roman”, Times, serif;
margin: 0 0 14px 0;
}

.ia_rig p {
font-weight: bold;
font-size: 14px;
margin: 0 0 clamp(6px, 2vw, 14px) 0;
}

.ia_button {
background-color: #FFF;
border: 1px solid #3b59aa;
color: black;
text-align: center;
text-decoration: none;
border-radius: 8px;
display: inline-block;
font-size: 16px;
font-weight: bold;
cursor: pointer;
padding: 10px 20px;
width: fit-content;
}

.ia_button a {
text-decoration: none;
color: inherit;
display: block;
}

@media (max-width: 600px) {
.ia_ad {
flex-direction: column;
align-items: center;
text-align: center;
}

.ia_lef {
max-width: 100%;
}

.ia_lef a img {
border-radius: 8px 8px 0 0;
}

.ia_rig {
padding: 15px;
width: 100%;
}

.ia_button {
width: 100%;
}
}


Red Report 2025

Top 10 MITRE ATT&CK© Techniques Behind 93% of Attacks

Based on an analysis of 14M malicious actions, discover the top 10 MITRE ATT&CK techniques behind 93% of attacks and how to defend against them.