THREATNOIR
Subscribe
Back to Feed
Supply ChainJun 23, 2026

'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows

Malicious pull requests targeting open-source projects exploit CI/CD workflow weaknesses.

Read at source

Summary

A new threat, dubbed 'Cordyceps,' leverages malicious pull requests to compromise open-source projects by exploiting weaknesses in CI/CD workflows. This attack vector has already impacted significant projects including Microsoft's Azure Sentinel, Google's AI Agent Development Kit, Apache Doris, Cloudflare Workers SDK, and Python's Black formatter.

Entities

Cordyceps (threat_actor)Azure Sentinel (product)AI Agent Development Kit (product)Doris (product)Workers SDK (product)Black (product)