URL has been copied successfully!
Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks


Tags: , , , , , , , , ,

Cybersecurity researchers have flagged a new class of CI/CD workflow weakness that allows attackers to hijack workflows and compromise open-source supply chains.The “critical exploitable pattern” has been codenamed Cordyceps by Novee Security. The issue can allow full attacker control of repositories at dozens of the largest organizations worldwide, including Microsoft, Google, Apache, and

First seen on thehackernews.com

Jump to article: thehackernews.com/2026/06/cordyceps-cicd-flaws-expose-300-github.html

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Top 7 zero-day exploitation trends of 2024
  2. The 2024 cyberwar playbook: Tricks used by nation-state actors
  3. Modern supply-chain attacks and their real-world impact
  4. Top 5 real-world AI security threats revealed in 2025