ByteBrief

Best read upright.

We're a portrait publication through and through. Turn your phone back and your briefing picks up right where you left it.

(We tried widescreen once. It wasn't us.)

ByteBrief

SecurityThe Hacker Newsabout 10 hours ago

Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks

1 min read

Novee Security identified a CI/CD workflow weakness codenamed Cordyceps that lets unauthenticated attackers hijack repositories. A scan of 30,000 high-impact repos found over 300 fully exploitable, including at Microsoft, Google, Apache, and Cloudflare. The flaw enables code execution, credential theft, and supply-chain compromise.

Level

Hype check

Tap to vote and see what everyone thinks.

In this storyGitHub

Best read upright.

Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks

More to chew on!

More to chew on!