Introduction

On 2025-03-14, the GitHub Action tj-actions/changed-files was hijacked (CVE-2025-30066). The blast radius: about 23,000 repositories that depended on it, over a window of roughly 15 hours.

When a workflow says uses: tj-actions/changed-files@v44, that v44 is a tag. A tag is just a label pointing at a commit SHA, and in git, tags are rewritable: anyone with push rights to the repository can move one with a force-push, and the runner resolves the ref afresh at the start of every job. With a compromised personal access token for the project's bot account (@tj-actions-bot) in hand, the attacker rewrote every release tag from v1 through v45 to point at a single malicious commit. Any CI that wrote uses: ...@v44 started running the malicious Action on its very next run, without changing anything on its side. Only workflows pinned to a full 40-character commit SHA were unaffected, because a SHA names content, not a label.

The malicious Action dumped the memory of the runner's worker process, pulled out whatever credentials were loaded into it (AWS keys, GitHub tokens, PyPI tokens and the like) and wrote them, double-base64-encoded, into the job log. Public GitHub Actions logs are world-readable, so for public repositories the leak was complete right there; for private repositories the secrets still sat in logs readable by anyone with access to the repository.

The headlines say "another supply chain attack". But put this next to the 2024 xz-utils backdoor, and the spot that got hit, and the defense that actually works, are nothing alike.…
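The defense the paragraph points at is mechanical: a `uses:` reference is safe from tag rewriting only if the part after the `@` is a full 40-hex commit SHA. Below is an added example, not code from this page or from the tj-actions project, of a small audit that walks a workflow file and reports every action reference that is still a tag or branch. The workflow text and the 40-hex SHA in it are constructed placeholders, not a real tj-actions commit; the regex-based parsing is a deliberate simplification that avoids a YAML dependency and may match a stray `uses:` line inside a multi-line `run:` script.

```python
"""Audit GitHub Actions workflow text for mutable `uses:` references.

Added example: a tag such as `@v44` is a moving pointer resolved on
every run, while a full 40-hex commit SHA is not. This is not tooling
from the page or from the tj-actions project.
"""
import re
from typing import List, NamedTuple

# Constructed sample workflow; the SHA below is a placeholder, not a real
# tj-actions/changed-files commit.
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: tj-actions/changed-files@v44
        id: changed
      - uses: "tj-actions/changed-files@0123456789abcdef0123456789abcdef01234567"  # v44
      - uses: ./.github/actions/local-step
      - uses: docker://alpine:3.19
      - run: echo "${{ steps.changed.outputs.all_changed_files }}"
"""

# `uses:` value, with optional quotes; stop at whitespace, a quote or a comment.
USES_RE = re.compile(r'^\s*-?\s*uses:\s*["\']?([^"\'\s#]+)')
FULL_SHA_RE = re.compile(r'^[0-9a-f]{40}$')


class Finding(NamedTuple):
    line: int
    action: str   # owner/repo or owner/repo/subdir
    ref: str      # whatever followed the '@' (empty if there was none)
    kind: str     # 'sha' (immutable) or 'mutable' (tag, branch, short ref)


def classify_ref(ref: str) -> str:
    """A ref is immutable only if it is a full 40-hex commit SHA.

    Tags (v44), branches (main) and anything else can be moved by whoever
    holds push rights to the action's repository.
    """
    return "sha" if FULL_SHA_RE.match(ref) else "mutable"


def audit_workflow(text: str) -> List[Finding]:
    """Return one Finding per remote action reference in the workflow text."""
    findings: List[Finding] = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        m = USES_RE.match(line)
        if not m:
            continue
        target = m.group(1)
        # Local actions and docker images are not resolved via git tags;
        # they are out of scope for this check.
        if target.startswith("./") or target.startswith("docker://"):
            continue
        # The ref follows the last '@'; the action path itself may contain '/'.
        action, sep, ref = target.rpartition("@")
        if not sep:
            # No ref at all: report it as mutable so it gets looked at.
            findings.append(Finding(lineno, target, "", "mutable"))
            continue
        findings.append(Finding(lineno, action, ref, classify_ref(ref)))
    return findings


def unpinned(text: str) -> List[Finding]:
    """Only the findings a reviewer needs to act on."""
    return [f for f in audit_workflow(text) if f.kind != "sha"]


if __name__ == "__main__":
    for f in unpinned(SAMPLE_WORKFLOW):
        print(f"line {f.line}: {f.action}@{f.ref} is not pinned to a full commit SHA")
```

Run against the constructed workflow, the audit flags `actions/checkout@v4` and `tj-actions/changed-files@v44` and leaves the SHA-pinned line alone. The trailing `# v44` comment on the pinned line is the usual convention for keeping the human-readable version next to the SHA; it is ignored by the runner, so it cannot be used to move the pin.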