What happens when your CI/CD pipeline turns against you?
In one of the more quietly devastating supply chain breaches we’ve seen this year, attackers compromised the popular tj-actions GitHub Action and used it to exfiltrate secrets from over 200 public repositories. The ripple effects of this incident are still unfolding, but the core lesson is already clear: Your automation tools are part of your attack surface, whether you monitor them or not.
Here’s what happened, why it matters, and how to stay ahead of this trending threat.
According to Bleeping Computer's report, attackers pushed a malicious commit to the GitHub repo tj-actions/changed-files via a compromised personal access token (PAT) which is primarily used as a CI/CD automation tool that helps maintain documentation.
The poisoned commit version was designed to capture secrets (API tokens, credentials, etc.) from the GitHub Actions runtime.
At least 218 repositories were confirmed to be affected, many belonging to developer tooling projects. But Coinbase was identified as a primary target of the campaign, according to a follow-up article.
This was a supply chain attack aimed at CI pipelines, not just static code. This is an attack vector that remains largely unmonitored in most enterprises.
For a complete breakdown of the tj-actions attack—including how it worked, how to mitigate similar threats, and a demo of how Vorlon detects this kind of behavior—watch James Berthoty’s detailed walkthrough below.
🎥 Video: James Berthoty – Everything to Know About the tj-actions Attacks
The malicious version of the action siphoned secrets directly from the CI environment:
With these in hand, attackers could silently access internal systems, deploy backdoors, or pivot into sensitive SaaS environments—without triggering typical security alerts.
This breach highlights a critical blind spot in today’s security programs: non-human identities and automated workflows.
Most security tools focus on:
But this attack didn’t require a misconfigured SaaS app or an end-user clicking a phishing link. It hijacked trusted developer workflows and abused CI/CD integrations, which typically go unmonitored.
Once a secret is exfiltrated via CI, attackers can exploit SaaS APIs to access sensitive data, impersonate services, or exfiltrate customer records, all without touching the endpoint.
Attacks like this show why SaaS ecosystem security is no longer optional.
Vorlon monitors API behavior, machine-to-machine interactions, and secret usage across third-party and internal apps. If a CI tool suddenly accesses a sensitive API it’s never touched before, or if a token behaves abnormally, Vorlon flags it fast and helps you respond even faster.
With Vorlon, you can:
If a GitHub Action in your pipeline starts exfiltrating secrets tomorrow, would you catch it?
The tj-actions incident is a case study in modern supply chain compromise: Stealthy, automated, and built to blend in. These attacks bypass traditional controls, but they don’t bypass Vorlon.
Worried about hidden supply chain threats in your CI/CD pipeline? We can help.
About the author
Anil Agrawal
Security Researcher at Vorlon
Anil Agrawal is a security researcher at Vorlon specializing in SOC optimization and has over eight years of experience in cybersecurity. Before joining Vorlon, he served as a Solutions Architect at Palo Alto Networks, where he designed advanced automation solutions and cybersecurity strategies for Fortune 500 clients. His career includes technical roles at Syracuse University, where he streamlined incident response processes and conducted malware analysis. Anil holds a Master’s degree in Management Information Systems from Syracuse University with a specialization in Information Security Management. Passionate about mitigating third-party application risks, he focuses on pioneering R&D to address evolving cybersecurity challenges. Connect with Anil on LinkedIn to explore collaborations in security innovation and stay updated on his latest contributions.