Last week's GitHub Actions supply chain attack shows that five years after SolarWinds, enterprises still aren't properly securing build pipelines, according to security specialists.

A vulnerability discovered March 14 in a GitHub Actions repo, tj-actions/changed-files, allows attackers to discover secrets by reading Actions log digests. Tj-actions/changed-files is a tool that identifies which files have changed in a code pull request or commit. Developer teams use this tool to streamline CI/CD workflows so that they perform only tasks such as tests and deployments on changed files. The compromised repository was taken down March 15 and a patched version was published, but it's still possible that the vulnerability remains inside downstream environments that use the repo.

To invoke this GitHub Action, repositories can reference it using tags in code, as opposed to the more secure method of pinning Actions to a full-length secure hash algorithm function. Any public repository that invoked the compromised version of the GitHub Action this way would publicly leak credentials in its log digest. A public post by StepSecurity researchers who uncovered the bug said some 23,000 GitHub repositories use the affected repo.

It gets worse, according to software supply chain security experts.

"Repositories that referenced the action by tag (e.g., tj-actions/changed-files@v2) were immediately affected," wrote Matt Moore, co-founder and CTO at Chainguard, in an email to Informa TechTarget. "At the same time, automated tools, like Dependabot and Renovate, unwittingly spread the compromised action, updating even pinned versions of this action to the offending digest."

No one has a comprehensive picture of what credentials might have been accessed and compromised by the attacker, who remains unknown. Downstream open source projects that use code from public repositories where the compromised Action was embedded could have leaked secrets and passed on the bug through CI/CD pipelines.

There are some early indications that sensitive data has been leaked, according to Moore.

"We have seen and reported credentials for each of the major clouds, long-lived GitHub personal access tokens, signing keys and more," Moore said. "We've also seen and reported impact to government agencies, large tech companies and several other distributions' repositories -- to name a few."

While the biggest risk of the GitHub Actions supply chain attack is to public repositories, private repositories aren't automatically safe, said Dimitri Stiliadis, co-founder and CTO at software supply chain security vendor Endor Labs.

"In some cases, the secrets used in open source repos are the same as private repos," he said. "Let's assume one of these public repos has a CI/CD pipeline that generates a Docker container that is published on the Docker Hub, and then a bunch of enterprises are downloading this container and using it. Now, the attacker that got the secrets can potentially go to Docker and push a container version that is malware, and now the malware can propagate to all the enterprises that use it."

The most commonly used software supply chain security tools aren't necessarily the most effective choices for CI/CD systems, experts say.