An unidentified threat actor breached one of application security vendor Xygeni's GitHub Actions this month via tag poisoning.
Xygeni, which sells a number of AI-powered AppSec products, said in a March 10 security incident report that it "detected suspicious activity affecting the repository used to publish the xygeni/xygeni-action GitHub Action."
The attacker first used pull requests in an effort to introduce malicious code (a compact command-and-control implant) into the repository, though Xygeni said those attempts were blocked by existing branch protection rules. The threat actor then pivoted, exploiting "a separate vector by moving the mutable v5 tag to reference a malicious commit created during the pull request attempts."
"Workflows referencing xygeni/xygeni-action@v5 could therefore retrieve the compromised code without any visible change to their workflow definitions," Xygeni said in its disclosure. The attacker gained access via compromised credentials associated with a maintainer token and a GitHub app installed on the relevant repository.
Xygeni identified the follow-on activity on March 9 following community reports, and the tag was removed as part of ongoing incident response procedures. According to the vendor, no malicious code was merged into the repository's main branch, there is no evidence of compromise to Xygeni's platform or customer data, and the compromised tag has been permanently removed.
Xygeni Attack Root Cause and Remediation
Xygeni's post was notably detailed, featuring a timeline of the attack as well as root cause analysis and remediation recommendations.
The company concluded that the root cause of the breach was the compromise of a GitHub App private key; the App had been installed on the repository with unnecessarily broad permissions. The attacker used a maintainer's personal access token (PAT) in tandem with the GitHub App's credentials: one identity to create pull requests, the other to approve them, since neither could bypass the repository's protections on its own.
Going forward, Xygeni committed to enforcing release immutability across repositories, hardening repository permissions and contributor access, making cryptographically signed commits mandatory for maintainers, and restricting write access to a limited set of maintainers and administrators.