Critical Security Flaw in Popular GitHub Action Exposes Encrypted Secrets

A critical security flaw in the popular GitHub action changed-files (tj-actions/changed-files) has exposed encrypted secrets in plain text within GitHub action logs. This vulnerability, affecting over 23,000 repositories, was made possible through orphaned commits and manipulated version tags. The flaw allowed the exposure of sensitive secrets, endangering the security of GitHub workflows.