
Top CI/CD Security Incidents

CodeCov Supply Chain Breach
April 2021
Attack Technique
The attackers exploited an error in Codecov's Docker image creation process, allowing them to extract credentials and modify the bash uploader script. This modified script was used to send environment variables from customers' CI environments to a remote server controlled by the attackers.
Description

The Codecov supply chain breach involved attackers inserting a backdoor into Codecov's infrastructure, leading to the extraction of environment variables from Codecov's customers. This breach was significant as it allowed attackers to access sensitive information, including git credentials, from CI environments, potentially compromising private repositories and exposing secrets.

Impact

Approximately 23,000 Codecov customers/users affected | Large organizations like Twilio, Hashicorp, Rapid7, Confluent reported being affected | Exposure of git credentials and access to private repositories | Potential exploitation of secrets and sensitive information

SolarWinds Hack
December 2020
Description

The SolarWinds hack involved the deployment of malicious code into SolarWinds' Orion IT monitoring and management software. This breach led to a massive supply chain incident, impacting over 30,000 public and private organizations, including government agencies like Homeland Security, State, Commerce, and Treasury. The hackers gained unauthorized access to networks, systems, and data, exploiting SolarWinds' privileged position as a widely used IT monitoring system provider.

Impact

Over 30,000 organizations compromised | Government departments affected, including Homeland Security, State, Commerce, and Treasury | Emails missing from government systems, evidence of data compromise | Identified malware infections and backdoor access | Ongoing investigation and uncertainty about the full extent of the breach

PyTorch
January 2024
Attack Technique
Exploitation of a critical vulnerability in a PyTorch CI/CD pipeline
Description

Adnan Khan and another researcher exploited a critical vulnerability in PyTorch, a major ML platform used by prominent organizations like Google, Meta, Boeing, and Lockheed Martin. This exploit allowed them to execute a supply chain attack. In addition to compromising PyTorch's CI/CD pipeline, the attackers also targeted GitHub secrets, including GitHub Personal Access Tokens (PATs) with extensive permissions. These tokens provided access to sensitive systems and repositories within the PyTorch organization, further amplifying the potential impact of the attack. The attackers demonstrated the ability to manipulate repository releases, modify release artifacts, and access AWS credentials, highlighting the breadth of the security breach.

Impact

The attackers stole sensitive GitHub secrets, including PATs with extensive permissions, granting access to a significant number of repositories within the PyTorch organization, posing a serious risk of code injection and manipulation. | Access to AWS keys, such as the "aws-pytorch-uploader-secret-access-key" and "aws-access-key-id," provided the attackers with privileges to upload malicious assets to AWS, further compromising the supply chain integrity and potentially impacting users relying on PyTorch releases.

XZ Utils
April 2024
Attack Technique
The backdoor was deliberately inserted into versions 5.6.0 and 5.6.1 of xz Utils by maliciously tampering with the Makefile during the build process.
Description

The backdoor was deliberately inserted into versions 5.6.0 and 5.6.1 of xz Utils by maliciously tampering with the Makefile during the build process. For more details, please refer to our blog post. The backdoor aimed to hijack SSH connections by allowing an attacker with a specific private key to insert and execute malicious code, potentially compromising systems running Debian or Red Hat distributions.

Impact

The compromised xz Utils versions affected several Linux distributions, including Fedora, Debian, openSUSE, and Kali Linux. | The backdoor, if successful, could have led to unauthorized access, data theft, and the execution of arbitrary commands on affected systems. | The incident raised concerns about supply chain security, highlighting the need for robust CI/CD pipeline security measures. | The CVE designation for this incident is CVE-2024-3094, providing a tracking designation for security researchers and users to monitor the issue.

Travis CI Secrets Exposure
September 2021
Attack Technique
The vulnerability allowed secure environment variables, including signing keys, access credentials, and API tokens, of all public open source projects using Travis CI to be exposed during pull request builds. Attackers could abuse these exposed secrets for lateral movement into various networks.
Description

The Travis CI flaw impacted over 900,000 open source projects and 600,000 users, potentially exposing secrets like signing keys, access credentials, and API tokens. This vulnerability allowed attackers to access these sensitive environment variables during pull request builds, posing a significant security risk to thousands of organizations relying on Travis CI for their CI/CD processes. The flaw was tracked as CVE-2021-41077 and lasted for approximately eight days, during which researchers discovered and reported the bug to Travis CI. The incident highlighted the importance of secure handling and protection of environment variables in CI/CD pipelines.

Impact

Thousands of open source projects had their sensitive environment variables, including signing keys and access credentials, exposed. | The vulnerability posed a significant security risk, allowing potential abuse of exposed secrets for unauthorized access. | The developer community expressed frustration over Travis CI's handling of the vulnerability disclosure process and the inadequacy of the security bulletin. | As a precautionary measure, all projects relying on Travis CI were advised to rotate their secrets to mitigate potential risks.

CircleCI Incident
December 2022
Attack Technique
The attacker used malware on an employee's laptop to steal a valid, 2FA-backed SSO session. This allowed the attacker to escalate privileges and access a subset of production systems, exfiltrating customer data such as environment variables, tokens, and keys.
Description

On January 4, 2023, CircleCI disclosed a security incident where an unauthorized third party accessed and exfiltrated sensitive data from a subset of production systems. Despite encryption measures, the attacker managed to extract encryption keys after stealing credentials and access from an employee's laptop, potentially compromising encrypted data. CircleCI promptly shut down compromised accounts, rotated tokens and credentials, and engaged third-party cybersecurity experts for investigation and validation.

Impact

Customer environment variables, tokens, and keys were compromised, affecting sensitive information security. | Production access for employees was temporarily limited, impacting operational efficiency. | Engaging third-party cybersecurity specialists and implementing enhanced security measures incurred financial costs. | Public disclosure of the incident and potential data exposure may have impacted CircleCI's reputation and customer trust. | Customers were required to rotate their secrets, tokens, and credentials.

Rust GitHub Actions Cache Poisoning
December 2022
Attack Technique
The attack, known as 'artifact poisoning,' involved submitting changes to an open-source repository on GitHub to trigger the build process with malicious code.
Description

The vulnerability in GitHub Actions allowed attackers to poison software pipelines, leading to the compilation of malicious code into downstream projects. Legit Security discovered and simulated this attack by injecting malicious versions of software components into the build process. Projects using GitHub Actions were heavily affected by this attack, which allowed theft of repository secrets and code tampering.

Impact

The vulnerability impacted many open-source projects using GitHub Actions. | GitHub took steps to address the issue, including API updates, to improve artifact trust verification and reduce the risk of similar attacks in the future.

Diamond Sleet and Onyx Sleet Exploit Critical CI/CD Vulnerabilities
October 2023
Attack Technique
Diamond Sleet and Onyx Sleet exploited a remote-code execution vulnerability (CVE-2023-42793) in JetBrains TeamCity server to gain access to compromised servers. The exploitation was carried out by deploying backdoors like ForestTiger and executing DLL search-order hijacking attacks using malicious DLLs.
Description

Diamond Sleet and Onyx Sleet exploited a critical remote-code execution vulnerability in JetBrains TeamCity server, allowing them to infiltrate build environments. Microsoft observed these threat actors utilizing distinct tools and techniques post-exploitation, including the deployment of backdoors and DLL search-order hijacking attacks. These actions posed a significant risk to organizations using affected versions of TeamCity.

Impact

JetBrains released updates to address the vulnerability, and Microsoft provided mitigation guidance to affected users.

Homebrew Security Incident
April 2021
Attack Technique
The attack leveraged a vulnerability in the review-cask-pr GitHub Action used by Homebrew. With this vulnerability, the security researcher injected arbitrary code into a cask and merged it by spoofing the git_diff dependency of the GitHub Action. This dependency was responsible for passing a pull request's diff for inspection.
Description

The vulnerability in the review-cask-pr GitHub Action enabled the security researcher to inject arbitrary code into a cask, bypassing the review process and causing automatic approval and merge of the pull request. This could have allowed malicious code to be included, resulting in a massive supply chain attack. Homebrew immediately removed the vulnerable GitHub Action, and from then on all pull requests were reviewed and approved manually.

Impact

Homebrew took swift action by disabling and removing the vulnerable GitHub Action, ensuring the security of its repositories.

Teleport's CI Implementation Vulnerability
April 2021
Attack Technique
A flaw in the CI/CD pipeline was exploited to escalate privileges from a Kubernetes worker pod to the node itself. This escalation enabled the extraction of credentials from the CI/CD system, particularly exposing production AWS credentials. The attackers then used these credentials to potentially alter release artifacts and gain unauthorized access to critical production cloud services.
Description

The vulnerability posed a risk of a malicious Pull Request gaining access to the production environment via a GitHub repository. This vulnerability stemmed from allowing unapproved CI jobs to run on Teleport infrastructure for external contributors' PRs. The attack leveraged Kubernetes worker pods, pivoting to the node and exfiltrating credentials from the CI/CD system. This breach exposed critical AWS credentials, potentially enabling unauthorized access to alter release artifacts and cloud services.

Impact

The incident prompted Teleport to enhance its security incident response procedures, including mitigation, analysis, and remediation steps, to prevent future exploits and strengthen overall security posture. | Teleport advised customers to upgrade to newer versions (Teleport 4.4.11, 5.2.4, 6.2.12, or 7.1.1) to mitigate the vulnerability's risk and encouraged reviewing systems for signs of compromise or unauthorized access.

Stack Overflow Security Breach
April 2019
Attack Technique
The attacker probed Stack Overflow's infrastructure, attempted to access employee-only rooms, created a deceptive support request, and gradually escalated privileges to gain unauthorized access to source code and sensitive information.
Description

The security incident involved an unauthorized user escalating privileges, resulting in the exfiltration of source code and exposure of personal data of 184 users. The attacker spent days probing and navigating Stack Overflow's systems, exploiting vulnerabilities in access controls and misconfigurations to gain higher privileges, access source code repositories, and attempt database changes. The incident prompted Stack Overflow to implement immediate remediations and long-term security enhancements.

Impact

Personal data of 184 users was inadvertently exposed. | Source code was accessed and potentially tampered with. | The attacker elevated their access privileges, highlighting vulnerabilities in access control mechanisms. | The incident led to immediate security improvements such as moving systems behind firewalls, enhancing secret management, and implementing stricter access controls.

ua-parser-js NPM Library Incident
October 2021
Attack Technique
The attack was executed by embedding a malicious script into the ua-parser-js NPM package. The objective of this was to install a coin miner and steal user credentials. The script would execute on Windows and Linux machines, affecting versions 0.7.29, 0.8.0, and 1.0.0 until patched versions were released.
Description

The ua-parser-js NPM package, widely used to detect browser, engine, OS, CPU, and device types from User-Agent data, was compromised with a malicious script for approximately 4 hours on October 22, 2021. This NPM package has 8 million downloads every week and 1200 dependencies, so the compromise posed a huge risk: the script could install a coin miner and gather user credentials. GitHub and CISA issued advisories urging immediate upgrades and system reviews for suspicious activities.

Impact

Potentially compromised systems during the 4-hour window when the malicious package was available for download | User/credential information could have been harvested due to the malicious script | Advisories issued by CISA and GitHub to highlight the incident and to urge immediate action to fix it | Guidance issued by Rapid7 to review and remediate affected versions to identify malicious activity related to the incident

Bazel PoC
February 2024
Attack Technique
The attack exploited a command injection vulnerability in a dependent action within Bazel, a Google-developed open-source tool. This vulnerability allowed for malicious code injection into a GitHub Actions workflow, potentially compromising the integrity of the codebase and the production environment.
Description

In February 2024, security researchers from Cycode discovered a critical vulnerability in Bazel, a tool for automating software building and testing. The vulnerability, exploited through a command injection in a custom GitHub Action used by Bazel, could have allowed malicious code injection into GitHub Actions workflows. This posed a significant risk to software supply chains, potentially impacting millions of projects and users, including major organizations like Kubernetes, Angular, Uber, and LinkedIn. The incident highlighted the inherent security risks associated with third-party dependencies in CI/CD workflows and emphasized the need for robust security measures to prevent such vulnerabilities from compromising software integrity and production environments.

Impact

Possible impact on millions of projects and users relying on Bazel, including Kubernetes, Angular, Uber, LinkedIn, and more. | The incident highlighted the risks associated with custom GitHub Actions and the need for thorough security assessments and considerations when integrating third-party actions into CI/CD workflows. | Cycode's scan of 3.4 million workflows from GitHub repositories revealed that over 98% of them incorporated one or more custom actions, indicating the widespread adoption of potentially vulnerable practices in CI/CD pipelines. | In response to the incident, Cycode developed an open-source scanner called RAVEN (Risk Analysis and Vulnerability Enumeration for CI/CD) to detect exploitable instances like the one found in Bazel.

Hugging Face
April 2024
Attack Technique
Researchers discovered a vulnerability in Hugging Face's shared CI/CD infrastructure that allowed for cross-tenant attacks. By deploying malicious AI models within this environment, attackers could potentially control the entire CI/CD pipeline, impacting all tenants and compromising multiple AI applications simultaneously.
Description

In April 2024, Wiz Research collaborated with Hugging Face to uncover critical architecture risks within AI-as-a-Service environments. The incident highlighted vulnerabilities in Hugging Face's infrastructure, particularly concerning shared inference infrastructure and CI/CD pipelines. Attackers exploited these vulnerabilities by uploading specially crafted malicious models, specifically in Python's Pickle format, which allowed them to execute arbitrary code within Hugging Face's Inference API environment. This not only raised concerns about privilege escalation but also showcased the potential for cross-tenant access to sensitive data and models stored within the platform.

Impact

The incident highlighted the potential for privilege escalation and cross-tenant access within AI-as-a-Service environments, posing significant security risks. | Vulnerabilities in shared inference infrastructure and CI/CD pipelines raised concerns about the integrity and security of data and models stored within AI platforms. | Insufficient scoping and network isolation within Hugging Face's container registry exposed the platform to potential supply chain attacks, emphasizing the need for enhanced container security practices. | The incident prompted Hugging Face to implement Wiz CSPM (Cloud Security Posture Management) and vulnerability scanning, enhancing their ability to proactively identify and mitigate security risks, leading to platform improvements and enhanced security measures.