High-risk CI/CD vulnerability named "Cordyceps" exposed, open-source repositories of Microsoft, Google, and other major enterprises affected

PA一线
PA一线

PANews June 25 news, SlowMist Chief Information Security Officer 23pds posted that researchers have exposed a high-risk CI/CD vulnerability called Cordyceps. The open-source repositories of top companies such as Microsoft, Google, Apache, and Cloudflare have all been confirmed vulnerable in tests. Attackers don’t need corporate accounts or any system permissions; by just registering a free GitHub account, submitting a malicious PR, and leaving a comment, they can forge approvals, steal server keys, push malicious code, and completely take over a company’s code repository.

Share to:

Author: PA一线

This content is for market information only and is not investment advice.

Follow PANews official accounts, navigate bull and bear markets together
Telegram Discussion Group
Telegram News Channel
@PANewsCN
Recommended Reading
PA一线

PA一线

US AI chip stocks mixed in pre-market trading, Qualcomm surges 13%
PA荐读

PA荐读

Is the AI giants' 'Token subsidy war' almost over?
PA一线

PA一线

Google Invests About $75 Million in A24, Partners to Explore AI Film Production
PA一线

PA一线

Google, Meta, and Other Tech Companies Along with Multiple Crypto Firms Pledge to Help Combat Illegal Wildlife Trade
OmniTools

OmniTools

Annual Revenue of $13 Billion, Paying Microsoft $17.2 Billion: The Truth Behind AI Cash Burn in OpenAI's Leaked Ledger
PA一线

PA一线

Google Gemini Co-Lead Noam Shazeer Announces Departure and Joins OpenAI

Popular Articles

Industry News
Market Trends
Curated Readings
Subscribe
PANews App
24/7 blockchain news tracking and in-depth analysis.
Download PANews App
App StoreGoogle Play
PANews APP
Huobi HTX Has Listed O Perpetual Contract
PANews Newsflash