
GitHub as supply-chain attack vector
GitHub is an invaluable platform used by app developers to manage workflows, maintain version control, store and share code, collaborate on projects, and more. But recent attacks using compromised GitHub Actions and artifacts are a sobering reminder of the importance of following supply-chain security best practices when making use of any third-party code.
An irresistible vector
By its very nature, GitHub is very attractive to cybercriminals as a vector for software supply-chain attacks. If attackers can penetrate GitHub security and compromise a piece of code—a shared building block—that is commonly used by large numbers of developers, they can find themselves with backdoor access to hundreds or thousands of networks with valuable data to extract.
Compromised action affects 23,000
Today as I’m writing, on March 19, 2025, a major attack was discovered. As reported in an alert published by the US Cybersecurity & Infrastructure Security Agency (CISA):
A popular third-party GitHub Action, tj-actions/changed-files (tracked as CVE-2025-30066), was compromised. This GitHub Action is designed to detect which files have changed in a pull request or commit. The supply chain compromise allows for information disclosure of secrets including, but not limited to, valid access keys, GitHub Personal Access Tokens (PATs), npm tokens, and private RSA keys. This has been patched in v46.0.1.
The compromised GitHub Action was active in some 23,000 different GitHub repositories, meaning that while it was active it could have exposed secrets to public view on a vast scale.
One unexpected feature of the attack is that the malicious payload does not exfiltrate stolen data to an external server. Instead, it simply dumps it to the repository, where anyone with access can see it.
Top firms affected by artifact compromise
In August 2024, researchers discovered an attack in which open-source artifacts were “poisoned,” affecting projects owned by Google, Microsoft, Amazon Web Services, and many more. By compromising the continuous integration/continuous deployment pipeline, attackers could easily push malicious code to production, or access secrets in the GitHub repository or elsewhere in the network.
Fortunately, the identified cases were all mitigated quickly, and it did not appear as though any further malicious activity had taken place.
This Dark Reading article by Elizabeth Montalbano provides a thorough technical explanation of the attack.
Compromised Colorama commits data theft
In April 2024, Matthew Russo reported in this blog about yet another supply-chain attack that exploited GitHub. Using a combination of stolen browser cookies, typosquatting, and more, criminals were able to deploy a tampered-with copy of Colorama, a third-party package used by millions of developers.
Malicious resources were able to steal multiple browsers’ data.
The data includes autofill information, cookies, credit cards, login credentials, and browsing history. This can also get into Discord, looking for tokens that it can decrypt to gain access to the victim’s account and steal cryptocurrency wallets, grab Telegram data, and exfiltrate computer files. It also looks to steal sensitive information from Instagram files using a session token and can log victims’ keystrokes, exposing information like passwords, personal messages, and financial details.
Supply chain security
GitHub itself provides a strong set of security resources.
This article provides specific guidance on best security practices, including for using third-party actions and workflows securely. These include pinning actions to a full-length commit SHA, auditing the action’s source code, and more.
You can find the full list of GitHub security guides here.
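One way to check the SHA-pinning practice mentioned above is the small auditor below, an added example that is not from GitHub's guides or the original article. It flags every third-party uses: reference that is not pinned to a full 40-character commit SHA, since a tag or branch name can later be pointed at different code. The sample workflow, the SHA in it and the example-org action name are constructed for illustration.

```python
import re

# A step-level or job-level "uses:" line, with or without a leading list dash.
USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^'\"\s#]+)")
FULL_SHA_RE = re.compile(r"^[0-9a-fA-F]{40}$")

def classify(ref):
    """Return 'pinned', 'unpinned' or 'skipped' for one uses: value."""
    if ref.startswith("./") or ref.startswith("docker://"):
        return "skipped"  # local actions and container images are out of scope here
    _, sep, version = ref.partition("@")
    if not sep:
        return "unpinned"  # no ref at all
    # Tags, branches and abbreviated SHAs are all mutable or ambiguous references.
    return "pinned" if FULL_SHA_RE.match(version) else "unpinned"

def audit_workflow(text):
    """Return (line_number, reference) for each action not pinned to a full SHA."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        m = USES_RE.match(line)
        if m and classify(m.group(1)) == "unpinned":
            findings.append((lineno, m.group(1)))
    return findings

# Constructed sample workflow; the 40-character SHA is a made-up value.
SAMPLE_WORKFLOW = """\
name: ci
on: [pull_request]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567
      - uses: tj-actions/changed-files@v46.0.1
      - name: abbreviated SHA
        uses: example-org/example-action@0123abc
      - uses: ./.github/actions/local-lint
"""

if __name__ == "__main__":
    for lineno, ref in audit_workflow(SAMPLE_WORKFLOW):
        print(f"line {lineno}: {ref} is not pinned to a full-length commit SHA")
```

Run over the files in .github/workflows, a non-empty result can be used to fail a pre-merge check; pinning does not replace auditing the action's source at the pinned commit.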
Good general rules of thumb for software supply-chain security include:
Verify dependencies and resources before interacting with them
Monitor for suspicious network activity
Maintain a proper security posture
A strong web application-and-API-protection (WAAP) platform like Barracuda Application Protection can help by detecting and remediating vulnerabilities during and after development and using Active Threat Intelligence to respond rapidly to new vulnerabilities and exploits.
