This content is viewable by Everyone
03/27/25: Supply Chain Compromise of Third-Party GitHub Action
A security update was released to address a vulnerability in Github Action, tj-actions/changed-files. An attacker could exploit this vulnerability to disclosure of Github Personal Access Tokens (PATs), npm tokens, and private RSA keys.
For a complete description of the vulnerabilities and affected systems, go to
Read more about IT Security service offerings.