{"id":8597,"date":"2026-06-24T14:13:04","date_gmt":"2026-06-24T14:13:04","guid":{"rendered":"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/06\/24\/cordyceps-ci-cd-flaws-expose-300-github-repositories-to-supply-chain-attacks\/"},"modified":"2026-06-24T14:13:04","modified_gmt":"2026-06-24T14:13:04","slug":"cordyceps-ci-cd-flaws-expose-300-github-repositories-to-supply-chain-attacks","status":"publish","type":"post","link":"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/06\/24\/cordyceps-ci-cd-flaws-expose-300-github-repositories-to-supply-chain-attacks\/","title":{"rendered":"Cordyceps CI\/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks"},"content":{"rendered":"

\u200bCybersecurity researchers have flagged a new class of CI\/CD workflow weakness that allows attackers to hijack workflows and compromise open-source supply chains.<\/p>\n

The “critical exploitable pattern” has been codenamed Cordyceps by Novee Security. The issue can allow full attacker control of repositories at dozens of the largest organizations worldwide, including Microsoft, Google, Apache, and\u00a0Cybersecurity researchers have flagged a new class of CI\/CD workflow weakness that allows attackers to hijack workflows and compromise open-source supply chains.<\/p>\n

The “critical exploitable pattern” has been codenamed Cordyceps by Novee Security. The issue can allow full attacker control of repositories at dozens of the largest organizations worldwide, including Microsoft, Google, Apache, and\u00a0\u00a0The Hacker News<\/p>","protected":false},"excerpt":{"rendered":"

\u200bCybersecurity researchers have flagged a new class of CI\/CD workflow weakness that allows attackers to hijack workflows and compromise open-source supply chains. The “critical exploitable pattern” has been codenamed Cordyceps by Novee Security. The issue can allow full attacker control of repositories at dozens of the largest organizations worldwide, including Microsoft, Google, Apache, and\u00a0Cybersecurity researchers… Read More »Cordyceps CI\/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks<\/span><\/a><\/p>\n","protected":false},"author":0,"featured_media":8598,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/8597"}],"collection":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/comments?post=8597"}],"version-history":[{"count":0,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/8597\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media\/8598"}],"wp:attachment":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media?parent=8597"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/categories?post=8597"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/tags?post=8597"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}