Novee Security reveals Cordyceps, a CI/CD vulnerability in GitHub Actions workflows that let anonymous users poison builds and expose tokens across major projects today.

Deeba Ahmed

Source: HackRead
Source Link: https://hackread.com/cordyceps-ci-cd-flaw-microsoft-google-apache-repos-hijack/