{"id":4507,"date":"2026-07-06T20:11:55","date_gmt":"2026-07-06T20:11:55","guid":{"rendered":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/2026\/07\/06\/novee-uncovers-cordyceps-the-latest-threat-to-ci-cd-pipelines\/"},"modified":"2026-07-06T20:11:55","modified_gmt":"2026-07-06T20:11:55","slug":"novee-uncovers-cordyceps-the-latest-threat-to-ci-cd-pipelines","status":"publish","type":"post","link":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/2026\/07\/06\/novee-uncovers-cordyceps-the-latest-threat-to-ci-cd-pipelines\/","title":{"rendered":"Novee Uncovers Cordyceps: The Latest Threat to CI\/CD Pipelines"},"content":{"rendered":"<div><img data-opt-id=469699905  fetchpriority=\"high\" decoding=\"async\" width=\"770\" height=\"330\" src=\"https:\/\/devops.com\/wp-content\/uploads\/2026\/07\/cordyceps_cicd_supply_chain_770x330.jpg\" class=\"attachment-large size-large wp-post-image\" alt=\"\" \/><\/div>\n<p><img data-opt-id=1268219073  fetchpriority=\"high\" decoding=\"async\" width=\"150\" height=\"150\" src=\"https:\/\/devops.com\/wp-content\/uploads\/2026\/07\/cordyceps_cicd_supply_chain_770x330-150x150.jpg\" class=\"attachment-thumbnail size-thumbnail wp-post-image\" alt=\"\" \/><\/p>\n<p>A newly discovered <a href=\"https:\/\/devops.com\/critical-microsoft-github-flaw-highlights-dangers-to-ci-cd-pipelines-tenable\/\" target=\"_blank\" rel=\"noopener\">supply chain security flaw<\/a> is once again putting a spotlight on inherent weaknesses in CI\/CD pipelines and the growing interest among cyberthreat actors to exploit them.<\/p>\n<p>Security researchers with Novee, an AI penetration testing platform provider, wrote about Cordyceps, an exploitable pattern in the open source supply chain that can allow attackers to hijack workflows and gain full control of code repositories, including those at dozens of the world\u2019s largest companies, including Microsoft, Google, Python, Apache, and Cloudflare.<\/p>\n<p>In addition, the vulnerability can be exploited by any unauthenticated user, according to Elad Meged, founding engineer and security researcher at Novee.<\/p>\n<p>\u201cNo org membership or special privileges; a free account is enough to forge approvals, push code, or steal credentials,\u201d Meged <a href=\"https:\/\/novee.security\/blog\/cordyceps\/\" target=\"_blank\" rel=\"noopener\">wrote in a report<\/a>.<\/p>\n<p>The Novee team scanned 30,000 \u201chigh-impact\u201d repositories, 654 were flagged in a single scan and more than 300 were confirmed to be fully exploitable to attacks involving attacker-controlled code execution, credential theft, or supply chain compromise, he wrote.<\/p>\n<h3>Perception of CI\/CD Needs to Change<\/h3>\n<p>Cordyceps, which derives its name from a parasitic fungus known for taking control of its hosts, takes advantage of <a href=\"https:\/\/devops.com\/cyber-threats-to-devops-platforms-rising-fast-gitprotect-report-finds\/\" target=\"_blank\" rel=\"noopener\">weaknesses in many CI\/CD workflows<\/a>, which are foundational in modern software development. A key problem is that too often, these workflows are not seen as the security-critical code they are, he wrote.<\/p>\n<p>\u201cModern software gets built atop the backs of thousands of open-source projects, and many operations are being automated, e.g. tests and CI\/CD deployment using GitHub Actions,\u201d Meged wrote. \u201cThese workflows run shell commands, authenticate to cloud providers, hold signing keys, and publish releases, yet they are treated as \u2018configuration.\u2019 \u2026 The result: command injection, privilege escalation, and supply-chain compromise hiding in plain sight in .yml files that no traditional security scanner audits.\u201d<\/p>\n<h3>Autonomous AI Coding Agents a Worry<\/h3>\n<p>Fueling the problem is the growing use of <a href=\"https:\/\/devops.com\/ai-coding-agents-are-pulling-ci-feedback-into-the-inner-loop\/\" target=\"_blank\" rel=\"noopener\">AI coding agents<\/a>.<\/p>\n<p>\u201cThey generate CI\/CD configuration fast and reproduce the same insecure patterns over and over, so the same mistakes can compound across millions of repositories,\u201d he wrote.<\/p>\n<p>In a <a href=\"https:\/\/www.wiz.io\/academy\/application-security\/ci-cd-security-best-practices\" target=\"_blank\" rel=\"noopener\">report last month<\/a>, Nicolas Ehrman, product marketing manager for Google-owned Wiz, wrote that AI coding assistants also add another dimension: \u201cAutonomous agents with broad access to source code and internal APIs blur identity tracing and create CI\/CD risks traditional tooling wasn\u2019t built to catch.\u201d<\/p>\n<p>In its<a href=\"https:\/\/www.wiz.io\/blog\/state-of-code-security-report-2025\" target=\"_blank\" rel=\"noopener\"> State of Code Security Report 2025<\/a>, Wiz found that 35% of enterprises run non-ephemeral self-hosted runners with weaker configurations, exposing organizations to lateral movement attacks across repositories and cloud environments.<\/p>\n<p>\u201cBecause pipelines hold privileged access to your entire development ecosystem, they are prime targets for attackers,\u201d Ehrman wrote. \u201cA single breach can distribute malicious code downstream, cause data breaches, or disrupt services. Consequently, modern CI\/CD security prioritizes risks based on actual exploitability and production impact rather than raw scan volume.\u201d<\/p>\n<h3>Hiding in Plain Sight<\/h3>\n<p>In the case of Cordyceps, a key issue was the vulnerability essentially hides in plain sight. Such multi-step exploit chains can hide from scanners because each step of the chain is working as it\u2019s designed, Meged wrote. It\u2019s not until each flaw is put together and in order, he wrote.<\/p>\n<p>\u201cSAST and DAST \u2013 any tool across an AST suite \u2013 won\u2019t be able to reason about a cross-workflow finding,\u201d he wrote. \u201cExisting tools do pattern-matching on single files, but the most dangerous vulnerabilities we found are multi-step exploit chains. A deterministic scanner checking one workflow file sees valid YAML. An attacker sees a 4-step chain to permanent credentials.\u201d<\/p>\n<p>Its exploit chain goes into motion when someone opens a pull request or leaves a comment, with the process treating such input the same as if it came from a maintainer. It then acts on it with the maintainer\u2019s permissions. An outsider who has a free GitHub account that uses a project\u2019s authority, even for a few minutes, can forge approvals, push malicious code, or steal credentials.<\/p>\n<p>From there, \u201cone compromised workflow in one repository can ripple outward into banks, cloud accounts, AI labs, and end-user devices,\u201d Meged wrote.<\/p>\n<h3>Using Microsoft, Google as Examples<\/h3>\n<p>Novee detailed examples of the reach of the Cordyceps exploit chain among some large companies. Novee researchers found one attack that targeted Microsoft\u2019s Azure Sentinel SIEM, noting that a comment on a pull request fired up anonymous attacker code on the vendor\u2019s continuous integration and stole a non-expiring GitHub App key.<\/p>\n<p>For the supply chain, \u201cpersistent write access to the security content Microsoft ships to customers, meaning they could be silently weakened or implanted with malicious infrastructure templates,\u201d he wrote.<\/p>\n<p>A pull request ran attacker code in Google\u2019s continuous integration process to get unauthenticated control over an associated Google Cloud project, risking the bad actor getting full control over the associated Google Cloud project.<\/p>\n<h3>AI Agents vs. AI Agents<\/h3>\n<p>Novee was able to uncover the exploit chain by using its own AI agents, highlighting the dual nature of AI in cybersecurity.<\/p>\n<p>\u201cFinding these chains requires attacker reasoning across multiple workflows, privilege boundaries, and time,\u201d Meged wrote. \u201cThat\u2019s what Novee\u2019s AI agents do, and that\u2019s what no scanner, no linter, and no manual review caught at the organizations where we validated vulnerabilities.\u201d<\/p>\n<p>Novee\u2019s security teams scanned npm, PyPI, Go, and other ecosystems, and the threat was to essentially every step of the build and development pipeline.<\/p>\n<p><a href=\"https:\/\/devops.com\/novee-uncovers-cordyceps-the-latest-threat-to-ci-cd-pipelines\/\" target=\"_blank\" class=\"feedzy-rss-link-icon\">Read More<\/a><\/p>\n<p>\u200b<\/p>","protected":false},"excerpt":{"rendered":"<p>A newly discovered supply chain security flaw is once again putting a spotlight on inherent weaknesses in CI\/CD pipelines and [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":4508,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[5],"tags":[],"class_list":["post-4507","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-devops"],"_links":{"self":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/posts\/4507","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/comments?post=4507"}],"version-history":[{"count":0,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/posts\/4507\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/media\/4508"}],"wp:attachment":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/media?parent=4507"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/categories?post=4507"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/tags?post=4507"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}