CI/CD Vulnerability Cordyceps Threatens GitHub Repositories via Supply-Chain Attacks

In a nutshell: A critical CI/CD vulnerability called Cordyceps enables attackers to gain full control over repositories and compromise the supply chain of hundreds of open-source projects.

Security researchers from Novee Security have identified a critical class of vulnerabilities in CI/CD workflows that attackers can exploit to take over workflows and compromise open-source supply chains. The vulnerability class affects over 300 GitHub repositories belonging to major organizations such as Microsoft, Google and Apache.

Researchers from Novee Security have documented a new category of vulnerabilities in CI/CD workflows classified as “critically exploitable”. The vulnerability, codenamed Cordyceps, allows attackers to manipulate existing workflows and thus gain complete control over Git repositories.

The research shows that over 300 GitHub repositories from large organizations worldwide are affected by this vulnerability class, including companies such as Microsoft, Google and Apache. The attack pattern enables supply-chain attacks on open-source projects that are integrated as dependencies in millions of additional systems.

For CISOs, this means increased risk in managing open-source dependencies and internal CI/CD infrastructure. Control over build and deployment pipelines is a critical attack vector: whoever controls the pipeline can push malware or compromised code into everything built downstream. A comprehensive review of workflow configurations, permission models and secrets management on GitHub and comparable platforms is advisable.
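The article recommends reviewing workflow configurations, permissions and secrets handling but does not describe the Cordyceps mechanics, so the following is a generic GitHub Actions hygiene check added here as an illustration; it is not code from the article, from Novee Security or from any affected project. It applies three widely used hardening checks to a workflow file: a missing or `write-all` top-level `permissions` block, actions referenced by a mutable tag instead of a full commit SHA, and an inventory of which secrets a workflow can read. The two workflow texts and the 40-character SHA are constructed sample input.

```python
import re

# Constructed sample: a release workflow with the weaknesses the checks look for.
RISKY_WORKFLOW = """\
name: release
on:
  push:
    tags: ['v*']
jobs:
  publish:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@0123456789abcdef0123456789abcdef01234567
      - run: npm publish
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
"""

# Constructed sample: the same workflow with least-privilege permissions and SHA-pinned actions.
HARDENED_WORKFLOW = """\
name: release
on:
  push:
    tags: ['v*']
permissions:
  contents: read
jobs:
  publish:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567
      - uses: actions/setup-node@0123456789abcdef0123456789abcdef01234567
      - run: npm publish
"""

SHA_RE = re.compile(r"^[0-9a-f]{40}$")                       # full commit SHA
USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)")          # any 'uses:' step
TOP_PERMISSIONS_RE = re.compile(r"^permissions:\s*(.*)$", re.M)  # column-0 block only
PERMISSIONS_LINE_RE = re.compile(r"^\s*permissions:\s*write-all\s*$")
SECRET_RE = re.compile(r"secrets\.([A-Za-z_][A-Za-z0-9_]*)")


def audit_workflow(text):
    """Return (findings, secrets) for one GitHub Actions workflow file's text.

    findings: human-readable hardening gaps; secrets: sorted names referenced
    via ${{ secrets.X }}, so a reviewer can see what a hijacked run could read.
    """
    findings = []

    top = TOP_PERMISSIONS_RE.search(text)
    if top is None:
        findings.append("no top-level permissions block: GITHUB_TOKEN falls back "
                        "to the repository default scopes")
    elif top.group(1).strip() == "write-all":
        findings.append("top-level permissions: write-all grants every token scope")

    for line in text.splitlines():
        if PERMISSIONS_LINE_RE.match(line) and not line.startswith("permissions:"):
            findings.append("job-level permissions: write-all grants every token scope")
        m = USES_RE.match(line)
        if not m:
            continue
        ref = m.group(1)
        if ref.startswith("./") or ref.startswith("docker://"):
            continue  # local or image references are out of scope for tag pinning
        if "@" not in ref:
            findings.append(f"action {ref} has no version reference at all")
            continue
        name, _, version = ref.rpartition("@")
        if not SHA_RE.match(version):
            findings.append(f"action {name} pinned to mutable ref '{version}', "
                            "not a full commit SHA")

    secrets = sorted(set(SECRET_RE.findall(text)))
    return findings, secrets


if __name__ == "__main__":
    for label, wf in (("risky", RISKY_WORKFLOW), ("hardened", HARDENED_WORKFLOW)):
        found, used = audit_workflow(wf)
        print(f"[{label}] {len(found)} finding(s); secrets referenced: {used}")
        for f in found:
            print("  -", f)
```

The checks are deliberately line-based so the script runs without a YAML library; for a real audit, parse the YAML properly and run the same checks per job, since a single job with `write-all` or an unpinned action undoes a tight top-level block.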


Source: thehackernews.com · Published June 24, 2026
Lumi AI News — AI-assisted curation pursuant to Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.1.