What starting position does this attack require?

The first step is Wait for downstream workflow runs (T1078) — a initial access primitive. Assumed environment: target uses unpinned GitHub Actions references (tags rather than 40-char commit SHAs).

What is the final impact of this kill-chain?

The final step lands on Move v3 tag to malicious commit (SUP-ACTION-TAG-MUTATION), which falls under Persistence. From here, an operator typically pivots into post-exploitation or maintains persistence.

How can defenders detect or prevent this attack?

Detection and prevention vary per step. Refer to each linked MITRE ATT&CK entry under "References" — every technique on that page lists defensive controls, detection telemetry, and known threat-actor usage.

← RegistryDossier · 5 steps · 4 edges

Approved

GitHub Action tag mutation → silent supply-chain hijack

Target pins an action by tag (uses: org/action@v3). Compromise the action repo and move the v3 tag to a malicious commit — every workflow using it pulls in the backdoor.

Filed by AD Knowledge BasePublished 2026-05-26

§ Kill-chainDrag · zoom · scroll

Initial Access

Wait for downstream workflow runs

T1078 · Valid Accounts

Initial Access

Push malicious commit

T1078 · Valid Accounts

Credential Access

Exfil all secrets from runs

CI-SECRET-IN-LOG · Secret Echo to Build Log

Initial Access

Maintainer account takeover

SUP-PACKAGE-TAKEOVER · Package Maintainer Takeover

Persistence

Move v3 tag to malicious commit

SUP-ACTION-TAG-MUTATION · GitHub Action Tag Mutation

§ Context

Assumed environment: target uses unpinned GitHub Actions references (tags rather than 40-char commit SHAs). Attacker has gained maintainer access to a popular action repo via account takeover / abandoned dependency.

§ Steps

01
Wait for downstream workflow runsInitial Access
T1078— Valid Accounts
02
Push malicious commitInitial Access
T1078— Valid Accounts
03
Exfil all secrets from runsCredential Access
CI-SECRET-IN-LOG— Secret Echo to Build Log
04
Maintainer account takeoverInitial Access
SUP-PACKAGE-TAKEOVER— Package Maintainer Takeover
05
Move v3 tag to malicious commitPersistence
SUP-ACTION-TAG-MUTATION— GitHub Action Tag Mutation

§ References

T1078Valid Accounts

§ Frequently asked

What is the "GitHub Action tag mutation → silent supply-chain hijack" attack path?: Target pins an action by tag (uses: org/action@v3). Compromise the action repo and move the v3 tag to a malicious commit — every workflow using it pulls in the backdoor. It chains 5 steps drawn from real-world offensive-security techniques.
What starting position does this attack require?: The first step is Wait for downstream workflow runs (T1078) — a initial access primitive. Assumed environment: target uses unpinned GitHub Actions references (tags rather than 40-char commit SHAs).
What is the final impact of this kill-chain?: The final step lands on Move v3 tag to malicious commit (SUP-ACTION-TAG-MUTATION), which falls under Persistence. From here, an operator typically pivots into post-exploitation or maintains persistence.
How can defenders detect or prevent this attack?: Detection and prevention vary per step. Refer to each linked MITRE ATT&CK entry under "References" — every technique on that page lists defensive controls, detection telemetry, and known threat-actor usage.

GitHub Action tag mutation → silent supply-chain hijack

§ Context

§ Steps

§ References

§ Frequently asked

§ Related dossiers

Build-system implant → signed supply-chain backdoor (SolarWinds-class)

Compromised extension auto-update → fleet compromise

pull_request_target injection → secrets → cloud takeover

Self-hosted runner takeover → persistent CI compromise

Secret echoed to public build log → cloud takeover