Cordyceps exposed a CI/CD weakness in GitHub Actions where individually valid workflows combined into exploitable privilege chains, leaving many “green” pipelines vulnerable despite passing scans. The article highlights real cases at Microsoft, Google, and Apache, and argues that AI-generated workflows are accelerating governance gaps that scanners alone cannot catch. #Cordyceps #Microsoft #AzureSentinel #Google #Apache #GitHubActions
Keypoints
- Cordyceps affected about 30,000 repositories and confirmed more than 300 exploitable cases.
- The flaw comes from workflow composition, not a single broken file.
- pull_request_target and workflow_run can expose secrets and write tokens to attacker-controlled input.
- Microsoft Azure Sentinel, Google’s AI Agent Development Kit, and Apache Doris were shown to have exploitable paths.
- AI-generated workflows can replicate insecure patterns faster than manual review can catch them.