High-risk CI/CD vulnerability named "Cordyceps" exposed, open-source repositories of Microsoft, Google, and other major enterprises affected
Time 06:51

June 25, 2026
CoinFeed News

CoinFeed reported on June 25 that 23pds, Chief Information Security Officer of SlowMist, posted that researchers have exposed a high-risk CI/CD vulnerability called Cordyceps. Open-source repositories of major enterprises such as Microsoft, Google, Apache, and Cloudflare have all been confirmed as affected in actual tests. Attackers need no corporate account or system permissions: by registering a free GitHub account, submitting a malicious pull request, and leaving a comment, they can forge approvals, steal server keys, push malicious code, and take full control of enterprise code repositories.
