Vulnerabilities4 min read
Cordyceps Flaw Exposes 300+ GitHub Repos to Supply Chain Hijack
A new class of CI/CD vulnerability affects repositories at Microsoft, Google, Apache, and Cloudflare. A free GitHub account is all attackers need to forge approvals and steal credentials.
Marcus ChenJun 25, 2026