Supply Chain Compromise of Third-Party GitHub Action, CVE-2025-30066
A popular third-party GitHub Action, tj-actions/changed-files (tracked as CVE-2025-30066), was compromised. This GitHub Action is designed to detect which files have changed in a pull request or commit. The supply…