This content is viewable by Everyone

03/27/25: Supply Chain Compromise of Third-Party GitHub Action

A security update was released to address a vulnerability in Github Action, tj-actions/changed-files. An attacker could exploit this vulnerability to disclosure of Github Personal Access Tokens (PATs), npm tokens, and private RSA keys.

For a complete description of the vulnerabilities and affected systems, go to

IT Security 

Read more about IT Security service offerings.