
Cordyceps Supply Chain Flaw Impacts Code Repositories Across Thousands of Organizations
A sweeping class of CI/CD vulnerabilities across the open-source software supply chain, collectively dubbed Cordyceps, named after the parasitic fungus notorious for hijacking its hosts. The Novee research, spanning roughly 30,000 repositories across the npm, PyPI, crates, and Go ecosystems, confirms the existence of fully exploitable attack chains at some of the world’s most prominent […]
The post Cordyceps Supply Chain Flaw Impacts Code Repositories Across Thousands of Organizations appeared first on Cyber Security News.