Supply Chain Attack Targets Popular GitHub Action, Exposing CI/CD Secrets

A supply chain attack targeted the GitHub action 'tj-actions/changed-files', used by 23,000 repositories, potentially allowing malicious actors to steal CI/CD secrets from GitHub Actions build logs. This popular action has been compromised, exposing sensitive information. The specific technical details and real impacts are not yet fully known, but the threat is significant for users of this action.