
New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise

Posted: Fri Jan 12, 2024 12:46 pm
by rbc
A newly disclosed class of CI/CD attacks could have allowed attackers to inject malicious code into the PyTorch repository, leading to massive supply chain compromise, Praetorian security researcher John Stawinski says.

Initially detailed in December 2023, the attack method targets GitHub repositories with self-hosted runners attached and allows a threat actor to execute arbitrary code without requiring approval.

In short, an attacker can use a fork pull request to become a contributor to a repository that has a self-hosted runner attached, and then be able to run any GitHub workflow on the runner. If the runner was configured using the default steps, it is non-ephemeral, enabling persistent access.
[...]
New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise
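
Added example (not from the original post or the article it quotes): a heuristic, standard-library-only audit of your own repository's workflow files that lists jobs a pull request can start on anything other than a GitHub-hosted runner. The `ubuntu-`/`windows-`/`macos-` prefix list, the function names and the sample workflows are assumptions made for illustration.

```python
import re

# Assumption: GitHub-hosted runner labels start with one of these prefixes.
HOSTED_PREFIXES = ("ubuntu-", "windows-", "macos-")

# Constructed sample workflows (not taken from any real repository).
RISKY = """\
on: [push, pull_request]
jobs:
  build:
    runs-on: [self-hosted, linux]
    steps:
      - run: make test
"""
SAFE = RISKY.replace("[self-hosted, linux]", "ubuntu-latest")
PUSH_ONLY = RISKY.replace("[push, pull_request]", "push")

def block_value(lines, i):
    """Value of the YAML key on lines[i]: inline text plus deeper-indented lines below."""
    indent = len(lines[i]) - len(lines[i].lstrip())
    parts = [lines[i].split(":", 1)[1]]
    for nxt in lines[i + 1:]:
        if nxt.strip() and len(nxt) - len(nxt.lstrip()) <= indent:
            break
        parts.append(nxt)
    return " ".join(parts)

def audit_workflow(text):
    """Return [(line_no, labels)] for PR-triggered jobs not pinned to GitHub-hosted runners."""
    # Drop comments so a commented-out trigger or label is not counted.
    lines = [ln.split("#", 1)[0].rstrip() for ln in text.splitlines()]
    triggers = ""
    for i, line in enumerate(lines):
        if re.match(r"""^["']?on["']?\s*:""", line):  # top-level `on:` key
            triggers = block_value(lines, i)
    if not re.search(r"\bpull_request(_target)?\b", triggers):
        return []  # a pull request does not start this workflow
    findings = []
    for i, line in enumerate(lines):
        if re.match(r"^\s+runs-on\s*:", line):
            labels = re.findall(r"[A-Za-z0-9][A-Za-z0-9_.-]*", block_value(lines, i))
            hosted = any(lab.startswith(HOSTED_PREFIXES) for lab in labels)
            # Unresolved expressions and runner groups are flagged too (fail closed).
            if "self-hosted" in labels or not hosted:
                findings.append((i + 1, labels))
    return findings

if __name__ == "__main__":
    for name, wf in (("RISKY", RISKY), ("SAFE", SAFE), ("PUSH_ONLY", PUSH_ONLY)):
        print(name, audit_workflow(wf))
```

An empty result only describes the workflow files as committed; a pull request can change those files, so the check complements the repository's fork pull request approval setting and ephemeral runners rather than replacing them.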