Full Report
On 2026-03-09, an incident was reported, involving , gaining initial access via , to achieve Supply chain attack.
Analysis Summary
# Incident Report: Xygeni-Action Repository Tag Poisoning
## Executive Summary
On March 9, 2026, a supply chain attack was identified involving the `xygeni-action` GitHub repository. Attackers utilized a "tag poisoning" technique to inject a malicious backdoor/reverse shell into the action's distribution, potentially compromising any CI/CD pipelines utilizing the affected version tags.
## Incident Details
- **Discovery Date:** March 9, 2026
- **Incident Date:** March 9, 2026
- **Affected Organization:** Xygeni (GitHub Action: `xygeni-action`)
- **Sector:** Software Development / Security Tooling
- **Geography:** Global / Distributed
## Timeline of Events
### Initial Access
- **Date/Time:** March 9, 2026
- **Vector:** Tag Poisoning / Unauthorized Repository Modification
- **Details:** The attacker gained the ability to modify or re-create Git tags within the `xygeni-action` repository, replacing legitimate code with a version containing a malicious payload.
### Lateral Movement
- **Details:** Not applicable in the traditional network sense; however, the attack "moved" from the compromised repository to the build environments of downstream users who pulled the poisoned tags.
### Data Exfiltration/Impact
- **Details:** Execution of a reverse shell and Command and Control (C2) communication. This allows for the theft of environment variables (secrets, API keys) and modification of build artifacts within the target CI/CD pipeline.
### Detection & Response
- **How it was discovered:** Identified by security researchers (StepSecurity) monitoring repository integrity.
- **Response actions taken:** Analysis of the injected code; notification to the maintainer to revert/secure tags.
## Attack Methodology
- **Initial Access:** Tag Poisoning (Supply Chain)
- **Persistence:** Injected backdoor within a trusted GitHub Action version tag.
- **Privilege Escalation:** Execution within the context of a GitHub Actions runner, potentially gaining access to `GITHUB_TOKEN` and repository secrets.
- **Defense Evasion:** Use of legitimate version tags to hide malicious code updates.
- **Credential Access:** Potential harvesting of secrets/environment variables from the CI system.
- **Discovery:** Automated scanning of the build environment via the reverse shell.
- **Lateral Movement:** Potential to push malicious code to other repositories using stolen credentials.
- **Collection:** Automated collection of build metadata and environmental secrets.
- **Exfiltration:** C2 reverse shell connection.
- **Impact:** Supply chain compromise allowing for remote code execution (RCE) on target systems.
## Impact Assessment
- **Financial:** Unknown; potential loss for downstream users if secrets were drained.
- **Data Breach:** Exposure of CI/CD secrets, source code, and environment variables.
- **Operational:** Disruption of development workflows and trust in the Xygeni supply chain.
- **Reputational:** High impact on the security vendor (Xygeni) as the tool is intended for security scanning.
## Indicators of Compromise
- **Network indicators:**
- C2 communication to unauthorized external IPs (specific IPs within the StepSecurity report - defanged: `hxxp[:]//[C2-Address]`)
- **File indicators:**
- Modified `index.js` or action entry point within the `xygeni-action` repository for the specific poisoned tag.
- **Behavioral indicators:**
- Outbound connections from GitHub Actions runners to unknown hosts.
- Unusual shell activity (`sh`, `bash`) originating from the `xygeni-action` process.
## Response Actions
- **Containment:** Removal or replacement of the poisoned tags in the GitHub repository.
- **Eradication:** Revocation of any potentially compromised GitHub tokens or secrets used during the period of compromise.
- **Recovery:** Re-verifying the integrity of all repository tags and implementing signed commits/tags.
## Lessons Learned
- **Key takeaways:** Version tags in Git are mutable and should not be implicitly trusted for security-sensitive operations.
- **What could have been done better:** Implementation of tag protection rules and mandatory commit signing to prevent unauthorized or untraceable tag modifications.
## Recommendations
- **For Users:** Pin GitHub Actions to specific **commit SHAs** rather than mutable tags (e.g., use `xygeni-action@<long-sha>` instead of `xygeni-action@v1`).
- **For Maintainers:** Enable "Tag Protection" rules and require 2FA for all contributors. Monitor for unexpected changes to historical tags.
- **General:** Implement OpenSSF Scorecard checks to audit repository security postures.