Malicious Tag Rewrites in GitHub Actions Enable Secret Harvesting

Du'aine Davis

Observed in the wild

• On 18 May, the widely used actions-cool/issues-helper GitHub Action was compromised after all version tags were redirected to attacker-controlled code. Any organisation using the action in CI/CD workflows automatically pulled the malicious version during routine runs. A second action from the same developer was also affected, expanding the potential impact across software development pipelines.
• The attacker modified repository tags so trusted versions pointed to hidden malicious commits. When executed, the action accessed sensitive data from the CI runner, including credentials stored in memory, and sent them to an external domain. This is a supply chain attack that relies on trust in version tags rather than exploiting vulnerabilities in the workflow itself.
• Organisations are advised to avoid using version tags and pin actions to known-safe commit IDs. In Microsoft Defender, monitor build systems for unexpected processes and unusual outbound connections. Look for signs of credential access within CI environments and investigate any workflows making unexplained external calls. Rotate all secrets used in affected pipelines and review recent workflow activity for misuse.

actions-cool/issues-helper GitHub Action Compromised: All Tags Point to Imposter Commit That Exfiltrates CI/CD Credentials - StepSecurity