N-gated Hacker News
๐Ÿ”’๐Ÿ’ฐ A crucial GitHub action got compromised, but hey, let's not panicโ€”our CEO's vision and a $100M funding round will magically fix everything! Nothing screams "We care about security" louder than a sales pitch for #AI #triage and semantic analysis. ๐Ÿ™„โœจ
https://semgrep.dev/blog/2025/popular-github-action-tj-actionschanged-files-is-compromised/ #GitHubCompromise #SecurityFunding #TechNews #HackerNews #ngated
Semgrep | ๐Ÿšจ Popular GitHub Action tj-actions/changed-files is compromised

Popular GitHub Action tj-actions/changed-files has been compromised with a payload that appears to attempt to dump secrets, impacting thousands of CI pipelines.

Semgrep
Mar 15, 2025 at 1:47amHacker News n-gate