• Tj-actions/changed-files GitHub Action Compromised – used by over 23K repos https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised 296 comments 14/3/2025
• CI/CD supply chain attack on Azure Karpenter Provider open-source project https://www.stepsecurity.io/case-studies/azure-karpenter-provider 2 comments 25/11/2024

• Popular GitHub Action tj-actions/changed-files is compromised https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised 41 comments 15/3/2025 security