[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$ffKvoSx55BfTleUBg7csVn1lhr_tOiPitEPfUwiBoXME":3},{"article":4,"iocs":52},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":32,"category":33,"article_tags":36},"14741004-3247-4191-86e5-555d81edd87b","'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows","cordyceps-mushrooming-malicious-pull-requests-threaten-developer-workflows-768235","The CI\u002FCD workflow weakness affects Microsoft's Azure Sentinel, Google's AI Agent Development Kit, Apache's Doris analytics database, Cloudflare's Workers SDK, and Python Software Foundation's Black.","A new threat, dubbed 'Cordyceps,' leverages malicious pull requests to compromise open-source projects by exploiting weaknesses in CI\u002FCD workflows. This attack vector has already impacted significant projects including Microsoft's Azure Sentinel, Google's AI Agent Development Kit, Apache Doris, Cloudflare Workers SDK, and Python's Black formatter.","Malicious pull requests targeting open-source projects exploit CI\u002FCD workflow weaknesses.",null,"https:\u002F\u002Fwww.darkreading.com\u002Fapplication-security\u002Fcordyceps-malicious-pull-requests-developer-workflows","https:\u002F\u002Feu-images.contentstack.com\u002Fv3\u002Fassets\u002Fblt6d90778a997de1cd\u002Fblta959d0fdfca81a69\u002F6a3aceb63b47244ab6075526\u002Fcordyceps-chengyuzheng-getty-1381017332.jpg?width=720&quality=80&disable=upscale","2026-06-23T19:16:42+00:00","2026-06-23T20:00:26.123237+00:00",8,[18,21,24,26,28,30],{"name":19,"type":20},"Cordyceps","threat_actor",{"name":22,"type":23},"Azure Sentinel","product",{"name":25,"type":23},"AI Agent Development Kit",{"name":27,"type":23},"Doris",{"name":29,"type":23},"Workers SDK",{"name":31,"type":23},"Black","26b0b636-0e31-4db1-bffb-61bdf9f20a58",{"id":32,"icon":11,"name":34,"slug":35},"Supply Chain","supply-chain",[37,42,47],{"category":38},{"id":39,"icon":11,"name":40,"slug":41},"80544778-fabb-4dcd-aa35-17492e5dcf4f","Vulnerabilities","vulnerabilities",{"category":43},{"id":44,"icon":11,"name":45,"slug":46},"ade75414-7914-4e23-a450-48b64546ee70","Open Source","open-source",{"category":48},{"id":49,"icon":11,"name":50,"slug":51},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[]]