'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows
ID: 66838ede-c39e-59d9-8a61-40170e98c8c9
STIX ID: report--66838ede-c39e-59d9-8a61-40170e98c8c9
Feed Name: Dark Reading
Novee security researcher Elad Meged disclosed a class of CI/CD workflow weaknesses named “Cordyceps” in which attacker-controlled pull requests can run code in CI environments, steal high-privilege credentials (signing keys, tokens), publish malicious packages, and otherwise compromise software supply chains; Novee flagged 654 potentially vulnerable repositories (300 confirmed fully exploitable) and vendors including Microsoft and Google validated or mitigated impacts, prompting recommendations to inventory and harden workflows and treat workflow YAML as code.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
