An unidentified threat actor compromised Xygeni's xygeni/xygeni-action GitHub Action via tag poisoning. After failing to merge malicious code through pull requests (blocked by branch protection rules), the attacker moved the mutable v5 tag to point to a backdoored commit containing a C2 reverse shell. For approximately seven days (March 3–10), any workflow referencing xygeni/xygeni-action@v5 executed the implant, giving attackers access to CI runner secrets, GITHUB_TOKEN, and source code. The root cause was a compromised GitHub App private key with overly broad permissions, combined with a maintainer's personal access token. Xygeni has committed to enforcing release immutability, hardening permissions, requiring signed commits, and restricting write access. StepSecurity and Xygeni dispute some timeline details, particularly around when the v5 tag was poisoned.
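The attack worked because `@v5` is a mutable tag that the repository owner (or anyone holding their credentials) can repoint at any commit. As an added defensive example that is not part of the original report, the Python below scans a GitHub Actions workflow for `uses:` references that resolve through a tag or branch rather than a full 40-hex commit SHA; the sample workflow is constructed, and every action name in it other than xygeni/xygeni-action is hypothetical.

```python
import re

# One `uses:` step line; captures the action path and whatever follows the '@'.
USES_RE = re.compile(r'^\s*-?\s*uses:\s*["\']?([^@\s"\']+)@([^\s"\'#]+)', re.MULTILINE)
# A full 40-hex commit SHA is the only ref GitHub cannot silently repoint.
SHA_RE = re.compile(r'^[0-9a-f]{40}$')


def find_mutable_action_refs(workflow_yaml: str) -> list[tuple[str, str]]:
    """Return (action, ref) pairs whose ref is a tag or branch instead of a commit SHA.

    Local (./path) and docker:// steps carry no '@ref' and are therefore never matched.
    A tag like 'v5' or a branch like 'main' can be moved after review, so each hit is a
    place where a repointed tag would execute unreviewed code with the runner's secrets.
    """
    findings = []
    for action, ref in USES_RE.findall(workflow_yaml):
        if not SHA_RE.match(ref):
            findings.append((action, ref))
    return findings


# Constructed sample workflow: the checkout SHA is an all-zero placeholder, not a real commit,
# and example-org/other-action is a hypothetical name.
SAMPLE_WORKFLOW = """\
name: build
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0000000000000000000000000000000000000000  # placeholder SHA
      - uses: xygeni/xygeni-action@v5
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
      - uses: ./.github/actions/local-step
      - uses: docker://alpine:3.19
      - uses: example-org/other-action@main
"""

if __name__ == "__main__":
    for action, ref in find_mutable_action_refs(SAMPLE_WORKFLOW):
        print(f"mutable reference: {action}@{ref} (pin to a commit SHA)")
```

Running the scan over the sample flags `xygeni/xygeni-action@v5` and `example-org/other-action@main` while accepting the SHA-pinned checkout; pinning alone does not help if the pinned commit itself was backdoored, so review the commit you pin.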