Cordyceps flaw pattern is more proof CI/CD is part of the attack surface

Summary by The New Stack
On June 24, research from Novee Security was released, reporting a CI/CD weakness that could enable anyone with an unauthenticated free GitHub account to hijack trusted workflows and compromise open-source supply chains. Dubbed “Cordyceps” after the parasitic fungus, the weakness allegedly appeared across dozens of organizations, both small and large, including Microsoft, Google, Apache, Python, and Cloudflare. After scanning roughly 30,000 hig…

Bias Distribution

  • 100% of the sources are Center

The New Stack broke the news on Wednesday, July 1, 2026.