ATProto Browser
Experimental browser for the Atmosphere
Experimental browser for the Atmosphere
Another day, another bad case of supply chain attack shenanigans 😰 If you use GH Actions, please check your setup for any usage of "tj-actions/changed-files" More below: arstechnica.com/information-...
Mar 17, 2025, 9:41 AM
{
"uri": "at://did:plc:35qrtizo7eo2na5ixe5aizol/app.bsky.feed.post/3lkkug67a322c",
"cid": "bafyreidxeslthvgdgswb4oth3tlkjhsuia5fhth3sfdep5ufwt2pwbqlhu",
"value": {
"text": "Another day, another bad case of supply chain attack shenanigans 😰\n\nIf you use GH Actions, please check your setup for any usage of \"tj-actions/changed-files\"\n\nMore below:\narstechnica.com/information-...",
"$type": "app.bsky.feed.post",
"embed": {
"$type": "app.bsky.embed.external",
"external": {
"uri": "https://arstechnica.com/information-technology/2025/03/supply-chain-attack-exposing-credentials-affects-23k-users-of-tj-actions/",
"thumb": {
"$type": "blob",
"ref": {
"$link": "bafkreiezootkzavtmckn3flhilpwowkrgwub2t7ymalgfqo5oet5kuzqmm"
},
"mimeType": "image/jpeg",
"size": 205685
},
"title": "Large enterprises scramble after supply-chain attack spills their secrets",
"description": "tj-actions/changed-files, corrupted to run credential-stealing memory scraper."
}
},
"langs": [
"en"
],
"facets": [
{
"index": {
"byteEnd": 206,
"byteStart": 175
},
"features": [
{
"uri": "https://arstechnica.com/information-technology/2025/03/supply-chain-attack-exposing-credentials-affects-23k-users-of-tj-actions/",
"$type": "app.bsky.richtext.facet#link"
}
]
}
],
"createdAt": "2025-03-17T09:41:38.516Z"
}
}