logo

‘Cordyceps’ CI/CD Flaw Exposes Microsoft, Google, Apache Repos to Pipeline Hijacking

ID: 1a413b51-ed13-53b1-bdd4-dd3585942eaa

STIX ID: report--1a413b51-ed13-53b1-bdd4-dd3585942eaa

Feed Name: HackRead

Threat Score
78/100

Date Published: 2026-06-23

Date Updated: 2026-06-24

Author: Deeba Ahmed

...
...

A security research firm, Novee, disclosed 'Cordyceps' — a class of CI/CD/GitHub Actions workflow vulnerabilities enabling anonymous actors to inject commands, poison artifacts, and escalate privileges across build pipelines. The flaw was validated in hundreds of repositories and in scenarios affecting Microsoft Azure Sentinel, Google Cloud projects, Cloudflare, Apache, and widely used Python tooling; findings were responsibly disclosed and fixes applied.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.