WEDNESDAY, JUNE 24, 2026 48° E  /  GLOBAL TECH · SUMMARISED
AI, business, devices, policy — global tech, summarised every 30 minutes.
Security · 2h ago

Cordyceps CI/CD Flaws Let Attackers Hijack 300+ GitHub Repos

By Meridian48 News Desk · Summarised from The Hacker News

Researchers at Novee Security discovered a critical CI/CD workflow weakness, dubbed Cordyceps, affecting over 300 GitHub repositories. The flaw allows attackers to gain full control of workflows at major organizations including Microsoft, Google, and Apache. That control enables supply-chain attacks in which malicious code is injected into open-source projects.

Meridian48 take
The Cordyceps vulnerability underscores how CI/CD pipelines remain a soft underbelly for supply-chain security, even at tech giants.
Read the full reporting
Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks →
The Hacker News