Supply-chain securityCordyceps and the pipeline attack surface we keep ignoring
Novee Security disclosed a CI/CD flaw pattern, Cordyceps, that an unauthenticated actor can use to plant self-propagating triggers across pipelines. The specifics matter less than the shape: pipelines keep landing on the attack surface, and organizations keep treating them like build tools.