Example this tag was just updated 3 hours back and is potentially exfiltrating credentials https://github.com/tj-actions/changed-files/tags?after=v35.9.3 You can read more here: https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised Reported the issue via the email address provided in the `security.md` file and also reported it via private vulnerability disclosure to generate a CVE.
Example this tag was just updated 3 hours back and is potentially exfiltrating credentials
https://github.com/tj-actions/changed-files/tags?after=v35.9.3
You can read more here: https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised
Reported the issue via the email address provided in the
security.mdfile and also reported it via private vulnerability disclosure to generate a CVE.