The Codecov supply chain breach involved attackers inserting a backdoor into Codecov's infrastructure, leading to the extraction of environment variables from Codecov's customers. This breach was significant as it allowed attackers to access sensitive information, including git credentials, from CI environments, potentially compromising private repositories and exposing secrets

Approximately 23,000 Codecov customers/users affected | Large organizations like Twilio, Hashicorp, Rapid7, Confluent reported being affected | Exposure of git credentials and access to private repositories | Potential exploitation of secrets and sensitive information

The SolarWinds hack involved the deployment of malicious code into SolarWinds' Orion IT monitoring and management software. This breach led to a massive supply chain incident, impacting over 30,000 public and private organizations, including government agencies like Homeland Security, State, Commerce, and Treasury. The hackers gained unauthorized access to networks, systems, and data, exploiting SolarWinds' privileged position as a widely used IT monitoring system provider.

Over 30,000 organizations compromised | Government departments affected, including Homeland Security, State, Commerce, and Treasury | Emails missing from government systems, evidence of data compromise | Identified malware infections and backdoor access | Ongoing investigation and uncertainty about the full extent of the breach

Adnan Khan and another researcher exploited a critical vulnerability in PyTorch, a major ML platform used by prominent organizations like Google, Meta, Boeing, and Lockheed Martin. This exploit allowed them to execute a supply chain attack. In addition to compromising PyTorch's CI/CD pipeline, the attackers also targeted GitHub secrets, including GitHub Personal Access Tokens (PATs) with extensive permissions. These tokens provided access to sensitive systems and repositories within the PyTorch organization, further amplifying the potential impact of the attack. The attackers demonstrated the ability to manipulate repository releases, modify release artifacts, and access AWS credentials, highlighting the breadth of the security breach.

The compromised xz Utils versions affected several Linux distributions, including Fedora, Debian, openSUSE, and Kali Linux. | The attackers stole sensitive GitHub secrets, including PATs with extensive permissions, granting access to a significant number of repositories within the PyTorch organization, posing a serious risk of code injection and manipulation. | Access to AWS keys, such as the "aws-pytorch-uploader-secret-access-key" and "aws-access-key-id," provided the attackers with privileges to upload malicious assets to AWS, further compromising the supply chain integrity and potentially impacting users relying on PyTorch releases.

The backdoor was deliberately inserted into versions 5.6.0 and 5.6.1 of xz Utils by maliciously tampering the Makefile during the build process. For more details, please refer to our blog postDescription: The backdoor aimed to hijack SSH connections by allowing an attacker with a specific private key to insert and execute malicious code, potentially compromising systems running Debian or Red Hat distributions.

The compromised xz Utils versions affected several Linux distributions, including Fedora, Debian, openSUSE, and Kali Linux. | The backdoor, if successful, could have led to unauthorized access, data theft, and the execution of arbitrary commands on affected systems. | The incident raised concerns about supply chain security, highlighting the need for robust CI/CD pipeline security measures. | The CVE designation for this incident is CVE-2024-3094, providing a tracking designation for security researchers and users to monitor the issue.

The Travis CI flaw impacted over 900,000 open source projects and 600,000 users, potentially exposing secrets like signing keys, access credentials, and API tokens. This vulnerability allowed attackers to access these sensitive environment variables during pull request builds, posing a significant security risk to thousands of organizations relying on Travis CI for their CI/CD processes. The flaw was tracked as CVE-2021-41077 and lasted for approximately eight days, during which researchers discovered and reported the bug to Travis CI. The incident highlighted the importance of secure handling and protection of environment variables in CI/CD pipelines.

Thousands of open source projects had their sensitive environment variables, including signing keys and access credentials, exposed. | The vulnerability posed a significant security risk, allowing potential abuse of exposed secrets for unauthorized access. | The developer community expressed frustration over Travis CI's handling of the vulnerability disclosure process and the inadequacy of the security bulletin. | As a precautionary measure, all projects relying on Travis CI were advised to rotate their secrets to mitigate potential risks.

On January 4, 2023, CircleCI disclosed a security incident where an unauthorized third party accessed and exfiltrated sensitive data from a subset of production systems. Despite encryption measures, the attacker managed to extract encryption keys after stealing credentials and access of an employee's laptop, potentially compromising encrypted data. CircleCI promptly shut down compromised accounts, rotated tokens and credentials, and engaged third-party cybersecurity experts for investigation and validation.

Customer environment variables, tokens, and keys were compromised, affecting sensitive information security. | Production access for employees was temporarily limited, impacting operational efficiency. | Engaging third-party cybersecurity specialists and implementing enhanced security measures incurred financial costs. | Public disclosure of the incident and potential data exposure may have impacted CircleCI's reputation and customer trust. | Customers were required to rotate their secrets, tokens, and credentials.

The vulnerability in GitHub Actions allowed attackers to poison software pipelines, leading to the compilation of malicious code into downstream projects. Legit Security discovered and simulated this attack by injecting malicious versions of software components into the build process. Projects using GitHub Actions were heavily affected by this attack. This allowed stolen repository secrets and code tampering.

The vulnerability impacted many open-source projects using GitHub Actions. | GitHub took steps to address the issue, including API updates, to improve artifact trust verification and reduce the risk of similar attacks in the future.

Diamond Sleet and Onyx Sleet exploited a critical remote-code execution vulnerability in JetBrains TeamCity server, allowing them to infiltrate build environments. Microsoft observed these threat actors utilizing distinct tools and techniques post-exploitation, including the deployment of backdoors and DLL search-order hijacking attacks. These actions posed a significant risk to organizations using affected versions of TeamCity.

JetBrains released updates to address the vulnerability, and Microsoft provided mitigation guidance to affected users.

The vulnerability in the review-cask-pr GitHub Action enabled the security researcher to inject arbitrary code into a cask, bypassing the review process and causing automatic approval and merge of the pull request. This further allowed potential malicious code inclusion which could have resulted in a massive supply chain attack. The vulnerable GitHub Action was immediately removed by Homebrew and all pull requests thereon were reviewed and approved manually.

Homebrew took swift action by disabling and removing the vulnerable GitHub Action, ensuring the security of its repositories.

The vulnerability posed a risk of a malicious Pull Request gaining access to the production environment via a GitHub repository. This vulnerability stemmed from allowing unapproved CI jobs to run on Teleport infrastructure for external contributors' PRs. The attack leveraged Kubernetes worker pods, pivoting to the node and exfiltrating credentials from the CI/CD system. This breach exposed critical AWS credentials, potentially enabling unauthorized access to alter release artifacts and cloud services.

The incident prompted Teleport to enhance its security incident response procedures, including mitigation, analysis, and remediation steps, to prevent future exploits and strengthen overall security posture. | Teleport advised customers to upgrade to newer versions (Teleport 4.4.11, 5.2.4, 6.2.12, or 7.1.1) to mitigate the vulnerability's risk and encouraged reviewing systems for signs of compromise or unauthorized access.

The security incident involved an unauthorized user escalating privileges, resulting in the exfiltration of source code and exposure of personal data of 184 users. The attacker spent days probing and navigating Stack Overflow's systems, exploiting vulnerabilities in access controls and misconfigurations to gain higher privileges, access source code repositories, and attempt database changes. The incident prompted Stack Overflow to implement immediate remediations and long-term security enhancements.

Personal data of 184 users was inadvertently exposed. | Source code was accessed and potentially tampered with. | The attacker elevated their access privileges, highlighting vulnerabilities in access control mechanisms. | The incident led to immediate security improvements such as moving systems behind firewalls, enhancing secret management, and implementing stricter access controls.

The ua-parser-js NPM package, widely used to detect browser, engine, OS, CPU, and device types from User-Agent data, was compromised with a malicious script for approximately 4 hours on October 22, 2021. This NPM package has 8 M downloads every week and 1200 dependencies. Thus it posed a huge risk as it could install a coinminer and gather user credentials. GitHub and CISA issued advisories urging immediate upgrades and system reviews for suspicious activities.

Potentially compromised systems during the 4-hour window when the malicious package was available for download | User/credential information could have been harvested due to the malicious script | Advisories issued by CISA and GitHub to highlight the incident and to urge immediate action to fix it | Guidance issued by Rapid7 to review and remediate affected versions to identify malicious activity related to the incident

In February 2024, security researchers from Cycode discovered a critical vulnerability in Bazel, a tool for automating software building and testing. The vulnerability, exploited through a command injection in a custom GitHub Action used by Bazel, could have allowed malicious code injection into GitHub Actions workflows. This posed a significant risk to software supply chains, potentially impacting millions of projects and users, including major organizations like Kubernetes, Angular, Uber, and LinkedIn. The incident highlighted the inherent security risks associated with third-party dependencies in CI/CD workflows and emphasized the need for robust security measures to prevent such vulnerabilities from compromising software integrity and production environments.

Possible impact on millions of projects and users relying on Bazel, including Kubernetes, Angular, Uber, LinkedIn, and more. | The incident highlighted the risks associated with custom GitHub Actions and the need for thorough security assessments and considerations when integrating third-party actions into CI/CD workflows. | Cycode's scan of 3.4 million workflows from GitHub repositories revealed that over 98% of them incorporated one or more custom actions, indicating the widespread adoption of potentially vulnerable practices in CI/CD pipelines. | In response to the incident, Cycode developed an open-source scanner called RAVEN (Risk Analysis and Vulnerability Enumeration for CI/CD) to detect exploitable instances like the one found in Bazel.

In April 2024, Wiz Research collaborated with Hugging Face to uncover critical architecture risks within AI-as-a-Service environments. The incident highlighted vulnerabilities in Hugging Face's infrastructure, particularly concerning shared inference infrastructure and CI/CD pipelines. Attackers exploited these vulnerabilities by uploading specially crafted malicious models, specifically in Python's Pickle format, which allowed them to execute arbitrary code within Hugging Face's Inference API environment. This not only raised concerns about privilege escalation but also showcased the potential for cross-tenant access to sensitive data and models stored within the platform.

The incident highlighted the potential for privilege escalation and cross-tenant access within AI-as-a-Service environments, posing significant security risks. | Vulnerabilities in shared inference infrastructure and CI/CD pipelines raised concerns about the integrity and security of data and models stored within AI platforms. | Insufficient scoping and network isolation within Hugging Face's container registry exposed the platform to potential supply chain attacks, emphasizing the need for enhanced container security practices. | The incident prompted Hugging Face to implement Wiz CSPM (Cloud Security Posture Management) and vulnerability scanning, enhancing their ability to proactively identify and mitigate security risks, leading to platform improvements and enhanced security measures.