{ads}

CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise

Written By Tuesday, 18 March 2025 Add Comment



March 19, 2025 at 10:35AM

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a vulnerability linked to the supply chain compromise of the GitHub Action, tj-actions/changed-files, to its Known Exploited Vulnerabilities (KEV) catalog. The high-severity flaw, tracked as CVE-2025-30066 (CVSS score: 8.6), involves the breach of the GitHub Action to inject malicious code that enables a remote

from The Hacker News https://ift.tt/UHOocvB

0 Response to "CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise"

Post a Comment

Subscribe to: Post Comments (Atom)

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads