Product

Check out our evergrowing list of integrations

From raw logs to enriched, correlated intelligence at the speed of ingestion

Stateful cloud detection with no tradeoffs.

See how the attack began, what the adversary did, and where it could go next.

Act precisely. Recover confidently.

Integrations Book a Demo

Resources

Learn about cloud detection and response

Join our live event or watch on demand

Upcoming Events

Meet our team at upcoming expos and events

Company

Get to know our story and team.

News, articles and press resources.

Join us, we're hiring!

Tags

#

Secrets

No items found.

GitHub Action Supply Chain Attack Exposes Secrets: What You Need to Know and How to Respond

Cloud Security

GitHub Action Supply Chain Attack Exposes Secrets: What You Need to Know and How to Respond

A widely used GitHub Action, tj-actions/changed-files, was compromised sometime before March 14, 2025 with a malicious payload, leading to the exposure of secrets in public repository logs. The incident has been assigned CVE-2025-30066 and is a stark reminder of the growing risks in the software supply chain.

Or Shoshani

Mar 16, 2025

4

min

Browse other tags

Cost Optimization

Disaster Recovery

Troubleshooting

Product

Fuse
Detect
Investigate
Respond

Resources

Book a demo
Customers
Blog
Webinars
CloudWiki

Company

About us
Become a Partner
Press
Jobs
Contact us

© StreamSec ltd.

Copyright Policy
Terms of Use
Privacy