News: 1742302927


Google acquisition target Wiz links fresh supply chain attack to 23K pwned GitHub repos

(2025/03/18)


Infoseccers at Google acquisition target Wiz think they've found the root cause of the GitHub supply chain attack that unfolded over the weekend, and they say a separate, earlier attack on another GitHub Action may have been to blame.

Google Cloud to inhale Wiz

Just a year after Alphabet was said to be trying to buy the security shop for a claimed $23 billion, Google Cloud [1]says it has signed a definitive agreement to acquire Wiz, Inc in an all-cash transaction for a cool $32 billion.

The cloud security startup will become part of Google Cloud, with the tech giant saying the deal would "accelerate two large and growing trends in the AI era: improved cloud security and the ability to use multiple clouds."

Previous talks around the mega-deal initially started positively but [2]broke down after Wiz's leadership raised concerns about potential regulatory hurdles.

The deal will be among the industry's largest of the year should it go through.

Software engineer Tonye Jack, author of tj-actions/changed-files – the compromised GitHub Action that was [3]recently seen leaking the CI/CD secrets of more than 23,000 projects – had already said that a stolen personal access token (PAT) was used to carry out the attack. How that token was acquired was not understood, however.

But on Monday, Wiz said it had followed up on a [4]lead from researcher Adnan Khan and found that reviewdog/action-setup, a different GitHub Action, was compromised on March 11, which could be the root cause of the stolen PAT at tj-actions.

To recap:

tj-actions/changed-files is a GitHub Action that detects file changes in open source projects

It recently became apparent to some of its 23,000-plus users that their secrets were leaking in public logs

Researchers found that the Action was compromised at some point before March 14. A payload was injected into the repo, causing CI/CD secrets such as AWS access keys to be spilled

Because tj-actions/changed-files was compromised, by extension so too was tj-actions/eslint-changed-files, a sibling Action that runs ESLint to check pull requests for problem code. Crucially, eslint-changed-files also runs reviewdog/action-setup

So the chain is: tj-actions/changed-files runs tj-actions/eslint-changed-files, which in turn runs reviewdog/action-setup, and the CI workflow in which that chain executes has a PAT among its secrets

Because reviewdog/action-setup was found to be compromised before tj-actions, researchers suspect this reviewdog attack was used to gain access to tj-actions, which has a much larger user base

Similar to the findings of the tj-actions/changed-files case, researchers found malicious code injected into reviewdog/action-setup that caused CI runner memory to leak secrets into logs.

These secrets likely contained the PAT for tj-actions/changed-files, allowing the attackers to compromise the much larger repo.

Rami McCarthy, principal security researcher at Wiz, said in a [5]blog post that the team currently believes two attacks were chained deliberately in pursuit of compromising a specific high-value target.


He added that because only one version of the reviewdog Action carried malicious code, during a roughly two-hour window on March 11, and the repo was reverted to an uncompromised commit shortly afterwards, the attacker most likely reverted the change themselves to hide the attack. That suggests the reviewdog compromise was used for one narrow purpose, stealing the tj-actions PAT, and that the attacker tried to stay as stealthy as possible.

By comparison, reviewdog's 255 users are hardly a scratch on tj-actions' 23,000-plus. The blast radius of the initial supply chain attack was therefore much smaller, even though it led to a much larger one.


Still, McCarthy said those who use reviewdog should check for any secrets that may have been exposed and rotate them accordingly. Workflows that referenced the Action by a full commit hash, or by a tag other than v1, never picked up the malicious code and are not affected.


Researchers are still working on understanding how the initial compromise at reviewdog played out.

McCarthy said: "We can tell the attacker gained sufficient access to update the v1 tag to the malicious code they had placed on a fork of the repository. The reviewdog GitHub Organization has a relatively large contributor base and appears to be actively adding contributors through automated invites. This increases the attack surface for a contributor's access to have been compromised or contributor access to have been gained maliciously."


His recommendations mirror those made in response to the tj-actions compromise: stop using the Action and replace it with a safe alternative; remove every reference to it across all branches of every repo, not just the default branch; and rotate any secrets that may have leaked. ®
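What those two checks look like in practice, as an added example (this is not code from Wiz, reviewdog or tj-actions): a small auditor that reads GitHub Actions workflow files, reports every remote `uses:` reference, flags any that pulled reviewdog/action-setup through the mutable v1 tag (and so may have run the malicious commit), and lists every other reference to the affected Actions so it can be removed. The Action names come from the article; the severity labels, the sample workflow and the placeholder commit SHA in it are this example's own constructions.

```python
"""Audit GitHub Actions workflows for references to the compromised Actions.

Added example, not code from Wiz, reviewdog or tj-actions. Action names are
those the article reports as compromised; everything else (severity labels,
sample workflow, placeholder SHA) is constructed for this example.
"""
import re
import sys
from dataclasses import dataclass
from pathlib import Path

# Actions the article reports as compromised; its recommendation is to stop using them.
AFFECTED_ACTIONS = {
    "reviewdog/action-setup",
    "tj-actions/changed-files",
    "tj-actions/eslint-changed-files",
}
# Per the article, the malicious reviewdog commit was only ever reachable through the v1 tag.
COMPROMISED_TAGS = {"reviewdog/action-setup": {"v1"}}

# `uses:` lines, optionally as a list item, optionally quoted, optionally with a YAML comment.
USES_RE = re.compile(r'^[ \t]*(?:-[ \t]*)?uses:[ \t]*["\']?(?P<ref>[^"\'\s#]+)', re.MULTILINE)
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


@dataclass(frozen=True)
class Finding:
    line: int
    action: str     # owner/repo[/subpath]
    ref: str        # tag, branch or commit SHA after the '@'
    severity: str   # exposed | retire | unpinned | pinned


def classify(repo: str, ref: str) -> str:
    """Rank one action reference by what the article says about it."""
    if ref in COMPROMISED_TAGS.get(repo, ()):
        return "exposed"    # pulled the malicious tag during the window: rotate secrets
    if repo in AFFECTED_ACTIONS:
        return "retire"     # not the malicious tag, but the article says replace it anyway
    if FULL_SHA_RE.match(ref):
        return "pinned"     # a full commit SHA cannot be silently repointed like a tag
    return "unpinned"       # any mutable tag or branch: the next tag move hits this workflow


def audit_workflow(text: str) -> list[Finding]:
    """Return one Finding per remote `uses:` reference in a workflow file."""
    findings = []
    for m in USES_RE.finditer(text):
        ref = m.group("ref")
        # Local actions and docker images are not GitHub repo references; skip them.
        if ref.startswith("./") or ref.startswith("docker://") or "@" not in ref:
            continue
        action, version = ref.rsplit("@", 1)
        repo = "/".join(action.split("/")[:2])          # drop any subpath such as /init
        line = text.count("\n", 0, m.start()) + 1       # match starts at column 0, so this is exact
        findings.append(Finding(line, action, version, classify(repo, version)))
    return findings


def needs_secret_rotation(findings: list[Finding]) -> bool:
    """The article's first question: did this workflow pull the malicious tag?"""
    return any(f.severity == "exposed" for f in findings)


def audit_tree(root: Path) -> dict[str, list[Finding]]:
    """Audit every workflow file under root/.github/workflows on the checked-out branch."""
    out = {}
    for path in sorted((root / ".github" / "workflows").glob("*.y*ml")):
        out[str(path)] = audit_workflow(path.read_text(encoding="utf-8"))
    return out


# Constructed sample workflow; the checkout SHA is a placeholder, not a real commit.
SAMPLE_WORKFLOW = """\
name: lint
on: [pull_request]
jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567
      - uses: reviewdog/action-setup@v1   # mutable tag that was moved to the malicious commit
      - uses: tj-actions/changed-files@v45
      - uses: "reviewdog/action-setup@v1.3.0"
      - uses: ./.github/actions/local
      - name: run eslint
        uses: tj-actions/eslint-changed-files@v25
"""

if __name__ == "__main__":
    # With no argument, audit the constructed sample; otherwise audit a checked-out repo.
    results = {"sample.yml": audit_workflow(SAMPLE_WORKFLOW)}
    if len(sys.argv) > 1:
        results = audit_tree(Path(sys.argv[1]))
    for path, findings in results.items():
        for f in findings:
            print(f"{path}:{f.line}: {f.severity:8} {f.action}@{f.ref}")
        if needs_secret_rotation(findings):
            print(f"{path}: pulled the compromised tag; rotate every secret this workflow could reach")
```

audit_tree only sees the branch that is checked out, and the article's advice is to clear references from every branch. For that sweep, the history itself is the simplest index: `git grep -n -e 'reviewdog/action-setup' -e 'tj-actions/' $(git rev-list --all) -- .github/workflows` lists every commit on every ref that still mentions either Action, which also catches stale feature branches whose workflows would run if someone pushed to them.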




[1] https://blog.google/inside-google/company-announcements/google-agreement-acquire-wiz/

[2] https://www.theregister.com/2024/07/23/alphabet_wiz_deal_scuppered/

[3] https://www.theregister.com/2025/03/17/supply_chain_attack_github/

[4] https://x.com/adnanthekhan/status/1901463901033656764

[5] https://www.wiz.io/blog/new-github-action-supply-chain-attack-reviewdog-action-setup



