tj-actions retroactive tag mutation (2025) TL;DR: Mar-2025 supply-chain attack — retroactive tag rewrite on tj-actions/changed-files leaked CI secrets to logs across 23k+ repos. Stub — to be filled in. What it is TODO Preconditions / where it applies TODO Technique TODO Detection and defence TODO References https://unit42.paloaltonetworks.com/github-actions-supply-chain-attack/