
CISA Warns of Active Exploitation in GitHub Action Supply Chain Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a vulnerability stemming from the compromise of the GitHub Action tj-actions/changed-files to its Known Exploited Vulnerabilities (KEV) catalog. The high-severity flaw, tracked as CVE-2025-30066 (CVSS score: 8.6), involves the breach of the GitHub Action to inject malicious code that allows remote execution. Attackers can use this vulnerability to actively exploit affected systems.