'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows
Summary
'Cordyceps' is a vulnerability in which attackers exploit weaknesses in CI/CD workflows (automated systems that test and deploy code changes) to inject malicious pull requests (code change proposals) into popular developer tools such as Azure Sentinel, Google's AI Agent Development Kit, Apache Doris, Cloudflare Workers SDK, and Python's Black. Attackers can use this method to compromise the software supply chain, potentially affecting many developers who use these tools.
Original source: https://www.darkreading.com/application-security/cordyceps-malicious-pull-requests-developer-workflows
First tracked: June 23, 2026 at 08:00 PM
Classified by LLM (prompt v3) · confidence: 75%