> TritonInfoSec News
Home / Jun 25, 2026 / Story
0
#9 The Hacker News general June 24, 2026 at 12:48 UTC

Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks

By [email protected] (The Hacker News)

AI Summary

Researchers at Novee Security identified a CI/CD vulnerability class dubbed 'Cordyceps' that allows unauthenticated attackers to hijack GitHub Actions workflows by exploiting the 'pull_request_target' trigger, potentially compromising 300+ repositories at organizations including Microsoft, Google, and Apache. GitHub responded on June 18, 2026 by updating 'actions/checkout' to block these pwn request attack patterns, but repositories using older action versions remain at risk.

Read full article → https://thehackernews.com/2026/06/cordyceps-cicd-f…

Relevance score: 77.0/100

# More from June 25

  1. 1
    Mandiant reveals how Cisco SD-WAN zero-day attacks gained root access BleepingComputer
  2. 2
    Amadey and StealC Malware Network Disrupted, 27M Stolen Credentials Recovered The Hacker News
  3. 3
    Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root The Hacker News
  4. 4
    macOS Weaknesses Chained to Silently Disable Endpoint Security Agents SecurityWeek
  5. 5
    New ‘Mistic’ RAT Opens Door to Several Ransomware Families SecurityWeek
  6. 6
    Russian Initial Access Broker Behind FortiBleed Campaign SecurityWeek
  7. 7
    Trump Signs Executive Order Accelerating Post-Quantum Cryptography Migration SecurityWeek
  8. 8
    Scattered Spider members plead guilty to hacking Transport for London BleepingComputer
  9. 10
    DoJ Seizes Huione Cloud Account Tied to Cyber Scam Money Laundering The Hacker News