Attackers are targeting GitHub Actions workflows to steal API keys, publish malicious packages, and propagate infections across the open source supply chain. Over 30,000 packages hit npm daily, and hundreds contain malicious code. GitHub scans every one, but even a 1% false-positive rate would kill hundreds of legitimate publishes per day. The Shai-Hulud attacks in late 2025 forced a revamped npm security roadmap and accelerated trusted publishing rollout across npm, PyPI, NuGet, RubyGems, and Crates.

Three immediate actions matter most. Enable CodeQL on your GitHub Actions workflows, free for public repos, to catch misconfigured workflows before attackers do. Stop triggering workflows on pull_request_target. Pin every third-party Action to a full-length commit SHA, and treat any external PR that changes those pins as suspicious. The OpenID Connect trusted publishing model, backed by the OpenSSF, eliminates secrets from build pipelines entirely and creates a detectable signal when an attacker publishes using stolen credentials instead.
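The three workflow-level checks above (pull_request_target triggers, unpinned Actions, and token-based publishing in place of OIDC) can be audited mechanically. The script below is an added example, not code from the original article or from GitHub; it is a line-based heuristic that needs no YAML library, and the two embedded workflow files are constructed samples: the weak one shows the patterns the article warns about, the hardened one shows the corrected configuration (its 40-hex commit SHAs are placeholders, not real commits).

```python
"""Audit GitHub Actions workflow text for three misconfigurations:
  1. triggering on pull_request_target (runs with the base repo's secrets
     while an attacker-controlled PR head may be checked out),
  2. third-party Actions referenced by a mutable tag/branch instead of a
     full 40-hex commit SHA,
  3. publishing with a stored secret when no OIDC id-token permission is
     present (trusted publishing removes the long-lived token entirely).
Heuristic, line-based parsing: good enough for CI gating, not a YAML parser.
"""
import re

SHA_RE = re.compile(r"^[0-9a-f]{40}$")
# matches "- uses: owner/repo@ref" and job-level "uses: owner/repo/path@ref"
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^\s'\"@]+)@([^\s'\"#]+)")
# block style ("pull_request_target:" / "- pull_request_target") or
# flow style ("on: [push, pull_request_target]")
PRT_RE = re.compile(
    r"^\s*(?:-\s*)?pull_request_target\s*:?\s*$"
    r"|^\s*on:\s*\[[^\]]*\bpull_request_target\b",
    re.M,
)
ID_TOKEN_RE = re.compile(r"^\s*id-token:\s*write\s*$", re.M)


def audit_workflow(text: str) -> list:
    """Return a list of human-readable findings; empty list means clean."""
    findings = []
    if PRT_RE.search(text):
        findings.append("trigger: pull_request_target exposes secrets to untrusted PR code")
    for line in text.splitlines():
        m = USES_RE.match(line)
        if not m:
            continue
        action, ref = m.group(1), m.group(2)
        if action.startswith("./") or action.startswith("docker://"):
            continue  # local or container actions: tag mutability does not apply
        if not SHA_RE.match(ref):
            findings.append(f"unpinned: {action}@{ref} (pin to a full commit SHA)")
    if "npm publish" in text and "secrets." in text and not ID_TOKEN_RE.search(text):
        findings.append("publish: uses a stored token; prefer OIDC trusted publishing (id-token: write)")
    return findings


# Constructed sample: the weak workflow the article warns about.
WEAK_WORKFLOW = """\
name: publish
on:
  pull_request_target:
permissions: write-all
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - uses: actions/setup-node@v4
      - run: npm ci && npm publish
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
"""

# Constructed sample: the hardened form. SHAs below are placeholders, not real commits.
# Trusted publishing must be configured for the package on the registry side first;
# npm then authenticates with the OIDC token and no NPM_TOKEN secret exists to steal.
HARDENED_WORKFLOW = """\
name: publish
on:
  push:
    tags: ['v*']
permissions:
  contents: read
  id-token: write
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567 # v4 (placeholder SHA)
      - uses: actions/setup-node@89abcdef0123456789abcdef0123456789abcdef # v4 (placeholder SHA)
      - run: npm ci && npm publish
"""

if __name__ == "__main__":
    for name, wf in (("weak", WEAK_WORKFLOW), ("hardened", HARDENED_WORKFLOW)):
        print(f"{name}: {audit_workflow(wf) or 'no findings'}")
```

Run against `.github/workflows/*.yml` in a pre-merge check; the "unpinned" finding is also the signal to raise when an external PR changes an existing SHA pin, since the checker will report any ref that is not a full commit hash.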

GitHub is now revisiting its GitHub Actions security roadmap following the most recent attack wave and is actively accelerating work already in progress. The roadmap is public and accepting community feedback in a dedicated discussion post. The full article is worth reading for the specific mechanism behind how secret exfiltration enables downstream propagation, and for understanding exactly where trusted publishing breaks that chain.
