CISOOnline

GitHub Actions abused by Megalodon attack to slip malicious commits into 5,500 repos

Unexpected workflow_dispatch runs in the Actions tab could be a warning sign, the researchers said in a blog post. “If you use OIDC federation for cloud deployments, review cloud audit logs for token requests from unknown workflow runs.”

The malicious commits were seen modifying GitHub Actions workflows to include base64-encoded bash payloads designed to steal secrets exposed during CI execution, including cloud credentials, SSH keys, OpenID Connect (OIDC) tokens, source code secrets, and other environment variables.
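The workflow change described above is something a repository owner can check for offline. The following is an added example, not code from the article or from OX Security: it scans a workflow file as plain text for base64 content that is decoded and piped into a shell, decodes the blobs for review, and highlights credential-related names in the decoded text; the workflow it scans is a constructed sample, not one from the incident.

```python
import base64
import re

# Decode-and-execute shapes: "... | base64 -d | bash" and 'bash -c "$(... | base64 -d)"'; sh/zsh/dash too.
DECODE_EXEC = re.compile(
    r"base64\s+(?:-d|--decode)\b[^|\n]*\|\s*(?:ba|z|da)?sh\b"
    r"|(?:ba|z|da)?sh\s+-c\s+\"?\$\([^)]*base64\s+(?:-d|--decode)\b", re.I)
# Long base64 runs worth decoding for review; short tokens such as version tags are skipped.
B64_TOKEN = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")
# Names a reviewer wants highlighted when they occur in decoded content.
CREDENTIAL_HINTS = re.compile(
    r"AWS_\w+|GITHUB_TOKEN|ACTIONS_ID_TOKEN_REQUEST_\w+|SSH|secret|token|credential", re.I)

def decode_blobs(line):
    """Return the base64 tokens on a line that decode to readable text."""
    decoded = []
    for tok in B64_TOKEN.findall(line):
        try:
            text = base64.b64decode(tok, validate=True).decode("utf-8")
        except (ValueError, UnicodeDecodeError):
            continue  # not base64, or binary: leave it alone
        if all(c.isprintable() or c in "\n\t" for c in text):
            decoded.append(text)
    return decoded

def scan_workflow(text):
    """Scan workflow YAML as plain text and return findings for a reviewer."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        decoded = decode_blobs(line)
        if DECODE_EXEC.search(line):
            reason = "base64 content is decoded and executed by a shell"
        elif decoded:
            reason = "embedded base64 decodes to readable text; review it"
        else:
            continue
        hints = sorted({m.group(0).lower() for d in decoded for m in CREDENTIAL_HINTS.finditer(d)})
        findings.append({"line": lineno, "reason": reason, "decoded": decoded, "credential_hints": hints})
    return findings

# Constructed sample (not from the incident): a normal test step, then a step in the shape the article describes.
SAMPLE_BLOB = base64.b64encode(b"env | grep -i secret").decode()
SAMPLE_WORKFLOW = f"""on: [push, workflow_dispatch]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - run: npm test
      - run: echo {SAMPLE_BLOB} | base64 -d | bash
"""
```

Run `scan_workflow` over each file under `.github/workflows/` and over the diff of any unexpected commit; a finding on a line that nobody on the team recognises is the point to start the secret-rotation and log review the researchers describe.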

Among the hardest-hit projects were Wiznet’s ioLibrary_Driver repository, four Tiledesk repositories, and four persian-tools repositories, with well over 2,000 malicious commits between them.

A later blog post by OX Security flagged some similarities to the widespread TeamPCP compromises, particularly the use of hardcoded historical commit dates. This was a trick used in TeamPCP-linked operations to hide the true timing of malicious activity.
