Your Workflow Log Is Not a Vault
The tj-actions compromise turned build logs into a credential buffet, which is a hell of a way to learn what 'pin your dependencies' actually means.
#cve-2025-30066
1 transmission tagged #cve-2025-30066
1 transmission tagged #cve-2025-30066
The tj-actions compromise turned build logs into a credential buffet, which is a hell of a way to learn what 'pin your dependencies' actually means.