Compromised GitHub Actions Workflow 'actions-cool/issues-helper' Exfiltrates CI/CD Credentials
A software supply chain attack has been discovered targeting the popular **GitHub Actions** workflow, `actions-cool/issues-helper`. Threat actors compromised the workflow to inject malicious code designed to harvest sensitive credentials and exfiltrate them to an attacker-controlled server.

**GitHub Actions** users should be aware of a recent compromise affecting the `actions-cool/issues-helper` workflow. According to **StepSecurity** researcher Varun Sharma, "Every existing tag in the repository has been moved to point to an imposter commit that does not appear in the action's normal commit history. That commit contains malicious code that exfiltrates credentials from CI/CD pipelines that run the action."
### Imposter Commits: A Supply Chain Threat
This attack uses an "imposter commit": malicious code is introduced by pointing a tag or other reference at a commit that exists only in an adversary-controlled fork and never passed through the repository's normal commit history. Because that commit never goes through a Pull Request (PR), standard review is bypassed, and the attacker gains arbitrary code execution in every pipeline that resolves the moved tag.
### Technical Details of the Attack
The malicious commit executes the following actions within a **GitHub Actions** runner:
* Downloads the **Bun** JavaScript runtime.
* Reads memory from the Runner.Worker process to extract credentials.
* Makes an outbound HTTPS call to an attacker-controlled domain ("t.m-kosche[.]com") to transmit the stolen data.
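The outbound call to the exfiltration domain is the most visible artifact of the three steps above. The following added example (written for this page, not code from StepSecurity or the report) shows detection logic that takes the defanged indicator as published, refangs it, and runs it over constructed runner egress log lines; the log format `<timestamp> job=<id> proc=<name> dst=<host>:<port>` is an assumption made for the example, and the log lines themselves are constructed, not real telemetry.

```python
import re
from dataclasses import dataclass

# Indicator from the report, kept in the defanged form it was published in.
DEFANGED_IOCS = ["t.m-kosche[.]com"]


def refang(ioc: str) -> str:
    """Turn a defanged indicator ('example[.]com', 'hxxp://') back into a matchable host."""
    return ioc.replace("[.]", ".").replace("hxxp", "http").strip().lower()


IOC_HOSTS = {refang(i) for i in DEFANGED_IOCS}

# Constructed sample egress log (not from the report); one outbound connection per line.
# Assumed shape: "<timestamp> job=<id> proc=<name> dst=<host>:<port>".
SAMPLE_LOG = """\
2024-01-01T00:00:01Z job=build-17 proc=git dst=github.com:443
2024-01-01T00:00:02Z job=build-17 proc=curl dst=registry.npmjs.org:443
2024-01-01T00:00:03Z job=build-17 proc=bun dst=t.m-kosche.com:443
2024-01-01T00:00:04Z job=build-18 proc=bun dst=api.t.m-kosche.com:443
2024-01-01T00:00:05Z job=build-18 proc=node dst=example.com:443
malformed line that the parser must skip
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) job=(?P<job>\S+) proc=(?P<proc>\S+) dst=(?P<host>[^:\s]+):(?P<port>\d+)$"
)


@dataclass(frozen=True)
class Hit:
    timestamp: str
    job: str
    process: str
    host: str
    matched_ioc: str


def host_matches(host: str, ioc_host: str) -> bool:
    """Exact match or subdomain match, so 'api.t.m-kosche.com' hits 't.m-kosche.com'
    while 'nott.m-kosche.com' does not."""
    host = host.lower().rstrip(".")
    return host == ioc_host or host.endswith("." + ioc_host)


def find_ioc_hits(log_text: str, ioc_hosts=IOC_HOSTS) -> list[Hit]:
    """Return one Hit per log line whose destination host matches an indicator."""
    hits = []
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # unparseable line: skip rather than crash the sweep
        for ioc in ioc_hosts:
            if host_matches(m["host"], ioc):
                hits.append(Hit(m["ts"], m["job"], m["proc"], m["host"], ioc))
                break
    return hits


if __name__ == "__main__":
    for hit in find_ioc_hits(SAMPLE_LOG):
        print(f"{hit.timestamp} job={hit.job} proc={hit.process} -> {hit.host} (ioc: {hit.matched_ioc})")
```

Matching on the host suffix rather than the exact string is deliberate: an exfiltration endpoint is often reached through a subdomain, and the indicator in the report is itself a subdomain of a broader domain. Any hit should be treated as a sign that the job's credentials were exposed, not merely that the action ran.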
**StepSecurity** also reported that 15 tags associated with the "actions-cool/maintain-one-comment" **GitHub Action** have been compromised with the same malicious functionality.
### GitHub's Response and Potential Link to Other Campaigns
**GitHub** has since disabled access to the repository due to a "violation of **GitHub's** terms of service." The reasons for this decision are currently unknown.
Interestingly, the exfiltration domain "t.m-kosche[.]com" has been previously observed in the **Mini Shai-Hulud** campaign targeting **npm** packages from the @antv ecosystem, suggesting a potential connection between the two activities.
### Mitigation Steps
**StepSecurity** advises that "Because every tag now resolves to malicious commits, any workflow that references the action by version pulls the malicious code on its next run. Only workflows pinned to a known-good full commit SHA are unaffected."
Therefore, users of these actions should immediately:
* Pin their workflows to a known-good full commit SHA instead of using tags.
* Audit their CI/CD pipelines for any unauthorized access or credential leakage.
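To make the first step concrete, here is an added example (written for this page; it is not StepSecurity's tooling or anything from the affected repositories) that audits workflow text for `uses:` references that are not pinned to a full 40-character commit SHA, and separately flags any reference to the two actions named in the report so that the pinned SHA can be confirmed known-good. The two workflow files are constructed for the example, and the SHAs in the hardened one are obvious placeholders, not real known-good commits.

```python
import re

FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")
# Matches "- uses: owner/repo@ref", with optional quotes and a trailing comment.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?(?P<ref>[^'\"#\s]+)['\"]?(?:\s*#.*)?$")

# Actions the report names as having had all of their tags moved to malicious commits.
COMPROMISED_ACTIONS = {"actions-cool/issues-helper", "actions-cool/maintain-one-comment"}

# Placeholder SHAs used only so the constructed hardened workflow is well-formed.
PLACEHOLDER_SHA_A = "a" * 40
PLACEHOLDER_SHA_B = "b" * 40

# Constructed workflow (not from any real repository): the weak setting, tag-pinned.
WEAK_WORKFLOW = """\
name: triage
on: [issues]
jobs:
  triage:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions-cool/issues-helper@v3
      - uses: "actions-cool/maintain-one-comment@v3.1.0"
      - uses: ./.github/actions/local-thing
      - uses: docker://alpine:3.19
"""

# The corrected form: every remote action pinned to a full commit SHA (placeholders here).
HARDENED_WORKFLOW = f"""\
name: triage
on: [issues]
jobs:
  triage:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@{PLACEHOLDER_SHA_A} # v4 (placeholder SHA)
      - uses: actions-cool/issues-helper@{PLACEHOLDER_SHA_B} # known-good (placeholder SHA)
"""


def parse_uses(text: str):
    """Yield (line_no, action, version) for each `uses:` step.
    version is None for local (./) and docker:// references, which are not tag-vs-SHA questions."""
    for line_no, line in enumerate(text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m:
            continue
        ref = m["ref"]
        if ref.startswith("./") or ref.startswith("docker://"):
            yield line_no, ref, None
            continue
        action, _, version = ref.rpartition("@") if "@" in ref else (ref, "", "")
        yield line_no, action, version


def audit_workflow(text: str) -> list[dict]:
    """Return findings: unpinned references, and references to actions named in the report."""
    findings = []
    for line_no, action, version in parse_uses(text):
        if version is None:
            continue
        repo = "/".join(action.split("/")[:2])  # strip any sub-path like owner/repo/dir
        if not FULL_SHA_RE.match(version):
            findings.append({"line": line_no, "action": action, "ref": version,
                             "issue": "not pinned to a full commit SHA"})
        if repo in COMPROMISED_ACTIONS:
            findings.append({"line": line_no, "action": action, "ref": version,
                             "issue": "action named in the report; verify the pinned SHA is known-good"})
    return findings


if __name__ == "__main__":
    for label, wf in (("weak", WEAK_WORKFLOW), ("hardened", HARDENED_WORKFLOW)):
        print(f"== {label} ==")
        for f in audit_workflow(wf):
            print(f"line {f['line']}: {f['action']}@{f['ref']}: {f['issue']}")
```

The audit deliberately reports the compromised actions even when they are SHA-pinned: a full SHA only protects you if it was chosen before the tags were moved, so each such pin still needs a human check against the action's genuine commit history. The regex approach avoids a YAML dependency, which is why it is anchored to whole `uses:` lines rather than walking the document tree.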