Novel CI/CD attack could prompt widespread supply chain compromise

A novel continuous integration/continuous delivery (CI/CD) attack technique, which abuses code injection weaknesses in thousands of public GitHub repositories, could be used to mount a significant supply chain compromise against major IT and cryptocurrency organizations, SecurityWeek reports.
According to a report by Praetorian security researcher Adnan Khan, threat actors could carry out such an attack against repositories that use self-hosted runners: by submitting a pull request from a fork, an attacker becomes a contributor, after which their workflow runs execute on the runner without approval and give them further code execution.
"When we operated against PyTorch, we could have added our own malicious code to their releases on nearly all of their release platforms. In the hands of a nation-state, this single attack could be devastating. In fact, many of these attacks could have caused their own version of SolarWinds or the recent Ledger crypto hack," said researcher John Stawinski, who worked with Khan.
Such an attack should prompt immediate hardening of default repository settings, Khan noted.
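As an added example (not code from the report, Praetorian or SC Media), a small audit that flags GitHub Actions workflow files combining a fork-reachable trigger with a self-hosted runner, the combination the technique described above depends on. The workflow text is constructed for illustration, and the parser is deliberately minimal: it handles only the common inline and list forms of `on:` and `runs-on:`, not arbitrary YAML.

```python
import re

# Constructed sample workflow (not taken from any real repository):
# a fork pull request trigger paired with a self-hosted runner.
SAMPLE_WORKFLOW = """\
name: ci
on:
  pull_request:
    branches: [main]
  push:
jobs:
  build:
    runs-on: [self-hosted, linux]
    steps:
      - uses: actions/checkout@v4
      - run: make test
"""

# Events that a pull request from a fork can fire.
FORK_TRIGGERS = {"pull_request", "pull_request_target"}


def parse_triggers(text):
    """Return the set of event names under the top-level `on:` key."""
    triggers, in_on = set(), False
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        indent = len(line) - len(line.lstrip())
        if indent == 0:
            key, _, rest = line.partition(":")
            in_on = key.strip() == "on"
            if in_on and rest.strip():  # inline: `on: push` or `on: [push, pull_request]`
                triggers |= {t.strip() for t in rest.strip("[] ").split(",")}
            continue
        if in_on and indent == 2:  # mapping key or `- item` directly under `on:`
            triggers.add(line.strip().lstrip("- ").partition(":")[0].strip())
    return triggers


def uses_self_hosted(text):
    """True if any `runs-on:` value names the self-hosted label (inline or multi-line list)."""
    lines = text.splitlines()
    for i, line in enumerate(lines):
        m = re.match(r"^(\s*)runs-on:(.*)$", line)
        if not m:
            continue
        value, indent, j = m.group(2), len(m.group(1)), i + 1
        while not value.strip() or (j < len(lines) and lines[j].strip().startswith("-")
                                    and len(lines[j]) - len(lines[j].lstrip()) > indent):
            if j >= len(lines) or not lines[j].strip().startswith("-"):
                break
            value += " " + lines[j].strip()  # gather list items that follow a bare `runs-on:`
            j += 1
        if "self-hosted" in value:
            return True
    return False


def audit_workflow(text):
    """Return the fork-reachable triggers that can run on a self-hosted runner, else []."""
    risky = parse_triggers(text) & FORK_TRIGGERS
    return sorted(risky) if risky and uses_self_hosted(text) else []
```

An expression-valued `runs-on` (for example `${{ matrix.os }}`) is not resolved, so a hit or miss here is a prompt to review the repository's settings for fork pull request approval and runner configuration, not a complete verdict.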