Brief #95: GitHub Action Backdoor, Microsoft Zero-Days, GitGuardian's Secrets Report

Nikoloz Kokhreidze


A major GitHub Action used by 23,000+ repos was compromised, leaking CI/CD secrets. Google's Red Team simulates real-world attacks. New AI security agents learn organizational context for better threat detection.

Happy Sunday!

Hope you're enjoying a bit of downtime this weekend. While you were busy wrapping up another hectic week, the security world kept moving with some developments worth knowing about:

  • A popular GitHub Action used in 23,000+ repositories was compromised, leaking CI/CD secrets - if you're using tj-actions/changed-files, you'll want to take action immediately
  • GitGuardian's latest report found approximately 100,000 valid secrets in public Docker images, with 70% of secrets detected in 2022 still active today
  • The job market's shifting - 60% of security professionals are considering changing jobs despite competitive salaries, with career progression being the main driver

Let's dive into this week's security updates and see what you need to know for the week ahead!

Your feedback shapes Mandos Brief and I'd love to hear your thoughts about the content I share.

INDUSTRY NEWS

GitHub Action tj-actions/changed-files Compromised, Leaking CI/CD Secrets

  • The popular GitHub Action tj-actions/changed-files (used in 23,000+ repositories) was compromised on March 14, 2025, with attackers retroactively modifying multiple version tags to reference a malicious commit that dumps CI/CD secrets in workflow logs.

  • StepSecurity detected the breach through anomaly detection and has released a secure replacement (step-security/changed-files). GitHub temporarily removed the compromised action before restoring it with the malicious code removed.

  • Users should immediately replace all instances of tj-actions/changed-files with the StepSecurity alternative, review workflow logs for leaked secrets, and rotate any exposed credentials, especially for public repositories where logs are accessible to anyone.
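
As an added illustration of the remediation steps above (this is example code written for this brief, not code from the newsletter, StepSecurity or the tj-actions project), the following Python script walks a repository's `.github/workflows` directory and flags every `uses:` line that references the compromised `tj-actions/changed-files` action, plus any other action pinned to a mutable tag or branch instead of a full commit SHA. The sample workflow embedded at the bottom is constructed for the demo, its checkout SHA is a placeholder, and the suggested replacement name comes from the brief; the script does not know which commit of the replacement to pin, so that is left for the reader to verify.

```python
"""Audit GitHub Actions workflow files for the compromised
tj-actions/changed-files action and for actions pinned to mutable refs."""
import re
import sys
from pathlib import Path

# Action named in the brief as compromised (version tags retroactively moved).
COMPROMISED_ACTIONS = {"tj-actions/changed-files"}

# Replacement named in the brief; pin it to a commit SHA you have verified yourself.
REPLACEMENT = {"tj-actions/changed-files": "step-security/changed-files"}

# Matches "uses: owner/repo@ref" or "uses: owner/repo/sub/path@ref", optionally
# quoted and optionally as a "- uses:" list item. Local (./path) and docker://
# references carry no "@ref" in this form and therefore never match.
USES_RE = re.compile(
    r"""^\s*-?\s*uses:\s*['"]?"""
    r"""(?P<action>[\w.-]+/[\w.-]+(?:/[\w./-]+)?)@(?P<ref>[^'"\s#]+)"""
)
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def audit_workflow(text):
    """Return (line_no, owner/repo, ref, status) for every risky 'uses:' line.

    status is 'compromised' for the action named in the incident (whatever ref
    it is pinned to, since every instance should be replaced and its logs
    reviewed) and 'mutable-ref' for any other action not pinned to a full
    40-hex commit SHA.
    """
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        m = USES_RE.match(line)
        if not m:
            continue
        action, ref = m.group("action"), m.group("ref")
        repo = "/".join(action.split("/")[:2])  # owner/repo, drop any sub-path
        if repo in COMPROMISED_ACTIONS:
            findings.append((line_no, repo, ref, "compromised"))
        elif not FULL_SHA_RE.match(ref):
            findings.append((line_no, repo, ref, "mutable-ref"))
    return findings


def audit_directory(root):
    """Audit every *.yml / *.yaml file under <root>/.github/workflows."""
    results = {}
    workflows = Path(root) / ".github" / "workflows"
    paths = sorted(list(workflows.glob("*.yml")) + list(workflows.glob("*.yaml")))
    for path in paths:
        findings = audit_workflow(path.read_text(encoding="utf-8"))
        if findings:
            results[str(path)] = findings
    return results


def describe(finding):
    """Human-readable remediation line for one finding."""
    line_no, repo, ref, status = finding
    if status == "compromised":
        fix = REPLACEMENT.get(repo, "a vetted replacement")
        return (f"line {line_no}: {repo}@{ref} is the compromised action; replace it "
                f"with {fix} pinned to a full commit SHA, review workflow logs for "
                f"dumped secrets, and rotate any credentials those runs could reach")
    return f"line {line_no}: {repo}@{ref} uses a mutable ref; pin to a full commit SHA"


# Constructed sample workflow (not taken from any real repository). The checkout
# SHA below is a placeholder value, not a real commit.
SAMPLE_WORKFLOW = """\
name: ci
on: [pull_request]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567
      - name: Detect changed files
        uses: tj-actions/changed-files@v45
      - uses: actions/setup-node@v4
      - uses: ./.github/actions/local-thing
"""

if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Usage: python audit_actions.py /path/to/repo
        for path, findings in audit_directory(sys.argv[1]).items():
            for finding in findings:
                print(f"{path}: {describe(finding)}")
    else:
        for finding in audit_workflow(SAMPLE_WORKFLOW):
            print(describe(finding))
```

Run it with a repository path to audit real workflows, or with no arguments to see the two findings from the constructed sample: the compromised action on line 9 and the unpinned `actions/setup-node@v4` on line 10. Pinning to a full SHA is the general defence the incident illustrates, because a moved tag cannot change which commit a SHA-pinned step runs.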

Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days

  • Microsoft's latest Patch Tuesday addresses 57 vulnerabilities, with 6 zero-days already being actively exploited in the wild, including flaws in Windows NTFS, Win32 Kernel, and Microsoft Management Console.

  • Four of the zero-days affect core Windows file system components and could be chained together for remote code execution and information disclosure, with one exploit using malicious VHD files that users might be tricked into opening.

  • The PipeMagic backdoor, linked to one of the zero-days (CVE-2025-24983), has been targeting entities in Asia and Saudi Arabia since 2022, distributed as fake OpenAI ChatGPT applications in recent campaigns.

Apple Patches WebKit Zero-Day Vulnerability Actively Exploited in Targeted Attacks

  • Apple has released security updates to fix CVE-2025-24201, an out-of-bounds write vulnerability in WebKit that allowed attackers to break out of the Web Content sandbox through malicious web content.

  • The zero-day flaw was exploited in "extremely sophisticated" attacks targeting specific individuals using iOS versions prior to 17.2, though Apple provided no details about the victims or threat actors.

  • Updates are available for iOS/iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, and visionOS 2.3.2, marking the third actively exploited zero-day Apple has patched this year.

LEADERSHIP INSIGHTS

GitGuardian - The State of Secrets Sprawl 2025 Report

  • GitGuardian's analysis of 15 million public Docker images revealed approximately 100,000 valid secrets including AWS keys, GCP keys, and GitHub tokens belonging to Fortune 500 companies.

  • 70% of valid secrets detected in public GitHub repositories in 2022 remain active today, highlighting a critical remediation gap even after detection.

  • Repositories using GitHub Copilot have a 40% higher secrets leak rate (6.4%) compared to the average public repository (4.6%), suggesting AI coding assistants may prioritize productivity over security.

Google's Red Team Simulates Cyberattacks to Strengthen Security Defenses

  • Google's Red Team, established in 2016, acts as a sparring partner for defense teams by simulating real-world attacks based on known threat actors' behaviors to identify security gaps.

  • The team operates with few constraints and maintains detailed activity logs to help defenders distinguish between Red Team exercises and actual malicious attacks, fostering trust across the organization.

  • Their approach includes threat intelligence-driven exercises, dedicated remediation tracking, and a blameless culture that focuses on improving systems rather than reprimanding individuals when vulnerabilities are discovered.

Cybersecurity Report Reveals Escalating Software Supply Chain Attacks

  • Cryptocurrency applications were heavily targeted, with 23 malicious campaigns discovered across npm (61%) and PyPI (39%) platforms, serving as a warning sign for other industries.

  • Commercial binaries pose significant risks, with ReversingLabs identifying seven common security issues including malware, tampering, and exposed secrets in widely used software packages.

  • Open-source packages remain vulnerable despite decreased malware incidents, with popular packages containing an average of 68 vulnerabilities (including 6 critical-severity flaws) and a 12% increase in leaked developer secrets.


CAREER DEVELOPMENT

Cybersecurity Professionals Share Career Mistakes and Lessons Learned

  • Communication and soft skills are crucial - many professionals regret focusing solely on technical aspects while neglecting the ability to explain security concepts to non-technical stakeholders and collaborate with business units.

  • Finding the right balance between security and business needs is essential - several experienced practitioners warn against being the "no" person or security cop, instead recommending a risk-based approach that offers solutions rather than just identifying problems.

  • Work-life balance matters significantly - professionals who burned out from chasing money or prestige emphasize that maintaining personal relationships and health ultimately leads to more sustainable and fulfilling careers.

60% of Cybersecurity Professionals Considering Job Change Despite High Salaries

  • Career progression is the primary reason for dissatisfaction, particularly among senior professionals, with 53% of cybersecurity functional leaders planning to leave their current positions within the next year.

  • Security architects and engineers command top salaries (averaging $206,000 and $191,000 respectively), but compensation alone isn't enough to retain talent; professionals with expertise in cloud security, application security, and threat intelligence earn significantly more.

  • Work arrangements are crucial for retention, with 59% of cybersecurity staff expressing strong preference for remote work, while employers forcing office returns risk increased turnover and recruitment difficulties in an already talent-scarce industry.

Cybersecurity Career Offers Mix of Collaboration, Technical Challenges, and Good Pay

  • Cybersecurity is not primarily solitary work - professionals report frequent meetings, team collaboration, and cross-departmental communication as core aspects of the job.

  • The field offers diverse roles spanning technical and non-technical paths, with many professionals citing the constant puzzles and evolving challenges as key motivators rather than just compensation.

  • While the pay is competitive, professionals warn about industry hype - documentation, meetings, and continuous learning are significant parts of the job that influencers often downplay when promoting the field.

AI & SECURITY

Weaviate Introduces Agentic Architectures for Retrieval-Intensive Applications

  • Agentic architectures consist of AI agents with memory and tools, where each agent uses a Large Language Model (LLM) as its "brain" to make autonomous decisions for specific tasks.

  • Single-agent architectures are simpler but may struggle with complex tasks, while multi-agent systems offer better handling of complex tasks through specialized agents arranged in patterns like hierarchical, sequential, or parallel configurations.

  • Vector databases serve dual purposes in these architectures: as tools for Retrieval-Augmented Generation (RAG) pipelines and as memory storage to help agents retrieve information from past interactions semantically.

Floki: AI Agentic Workflow Engine Built on Dapr Framework

  • Floki is an open-source framework that enables orchestration of autonomous AI agents using Dapr's workflow engine, supporting both deterministic workflows and event-driven interactions.

  • The system leverages Dapr's built-in capabilities for fault-tolerance, persistent state management, and CloudEvents-based messaging to enable reliable multi-agent collaboration through pub/sub patterns.

  • The framework has been donated to the Dapr community and officially released as Dapr Agents, providing developers with tools to create, orchestrate and manage LLM-based autonomous agents with built-in observability.

Researchers Develop Security AI Agents That Learn Organizational Context

  • AI agents can now learn organizational context by ingesting policies, technical architecture details, and business processes to distinguish between normal operations and security threats.

  • These agents use retrieval-augmented generation to dynamically access relevant information during investigations, combining short-term memory for active cases with long-term memory for persistent organizational knowledge.

  • Implementation requires establishing reliable data sources, validation cycles, and update mechanisms while maintaining appropriate access controls as organizations evolve.

MARKET UPDATES

Blackwall Raises €45M Series B to Protect SMBs from Malicious Bot Traffic

  • Blackwall (formerly BotGuard) secured €45M in Series B funding led by Dawn Capital to expand its infrastructure protection services that defend against automated threats across 2.3 million websites.

  • The company targets a critical security gap by partnering with Hosting and Managed Service Providers to protect SMBs, which face 43% of all cyber attacks but typically lack enterprise-level security resources against malicious bot traffic.

  • Blackwall's GateKeeper product helps service providers reduce operational costs by up to 25% while creating new revenue streams, with plans to double headcount and accelerate growth in the U.S. and APAC markets.

Neural Defend Secures $600K Pre-Seed Funding to Fight AI-Powered Financial Fraud

  • Neural Defend, founded in 2024 with dual headquarters in India and San Francisco, has raised over $600,000 to develop real-time, multimodal deepfake detection technology targeting identity fraud in financial transactions.

  • The investment comes as financial institutions face growing deepfake threats, with industry data showing that over 40% of fraud attempts now use AI and traditional document review processes identify sophisticated fakes less than 1% of the time.

  • The funding round was led by Inflection Point Ventures with participation from MIT SBXI, Techstars San Francisco, and Soonicorn Ventures, as cybersecurity analysts project deepfake-related crimes could exceed $52 billion by 2030.

Chainguard in talks for $350m funding round at $3.5bn valuation

  • US cybersecurity startup Chainguard is reportedly in discussions with Kleiner Perkins to raise $350m, which would triple its valuation, to $3.5bn, compared with its last funding round in July 2024.

  • The company previously raised $140m in a Series C round led by Redpoint Ventures, Lightspeed Venture Partners, and IVP, with participation from existing investors including Amplify and Sequoia Capital.

  • Chainguard focuses on software security, specifically reimagining software delivery and consumption to provide a safe source for open source software through their Chainguard Images product.

TOOLS

Anvilogic

Anvilogic is a SIEM platform that streamlines detection engineering, offers cost-effective data management, and enhances threat detection capabilities.

ScubaGear

ScubaGear assesses Microsoft 365 tenant configurations against CISA Secure Configuration Baselines, using PowerShell and Open Policy Agent to compare settings and generate compliance reports.

GitHub Actions Attack Diagram

A visual guide illustrating attack paths and techniques for exploiting vulnerabilities in GitHub Actions configurations.


Before you go

If you found this newsletter useful, I'd really appreciate if you could forward it to your community and share your feedback below!

For more frequent cybersecurity leadership insights and tips, follow me on LinkedIn, BlueSky and Mastodon.

Best, 
Nikoloz
