A recent sophisticated supply chain attack compromised the reviewdog/action-setup@v1 GitHub Action, exposing secrets in CI/CD workflows. The breach, assigned CVE-2025-30154, led to a secondary attack on tj-actions/changed-files (CVE-2025-30066), affecting over 23,000 repositories. Attackers exploited a GitHub Personal Access Token (PAT) to inject malicious code, escalating the impact. Organizations are advised to review logs, rotate secrets, and pin actions to specific commit SHAs to mitigate risks.