Aikido Security has identified a vulnerability in GitHub Actions and GitLab CI/CD workflows that allows AI agents to execute malicious instructions, potentially leaking sensitive information. The flaw affects multiple companies and demonstrates how AI prompt injection can compromise software supply chains.

Sysdig's Threat Research Team uncovered significant security vulnerabilities in GitHub Actions workflows across popular open source projects, including those by MITRE and Splunk. Their research revealed how insecure configurations, particularly using pull_request_target, can expose sensitive credentials and allow for exploitation, prompting the team to recommend best practices to enhance CI/CD security.