GitHub, PyTorch and More Organizations Found Vulnerable to Self-Hosted Runner Attacks

Last July, we published an article exploring the dangers of vulnerable self-hosted runners and how they can lead to severe software supply chain attacks.
GitHub itself was found vulnerable, as well as various notable organizations, such as PyTorch, TensorFlow, Microsoft DeepSpeed, and Chia Networks.
GitHub Actions, the largest CI/CD service on the market and native to GitHub, offers two types of build runners: GitHub's hosted runners, and self-hosted runners that run on customer-provided environments.
The vulnerability exploited by Adnan Khan involved the latter: he identified a critical misconfiguration in GitHub's actions/runner-images repository, leading to the ability to modify releases, add code directly to the main branch, and set up paths to supply chain compromise.
Exploiting this vulnerability involved gaining access to internal GitHub infrastructure and secrets.
The access potentially allowed the insertion of malicious code into all of GitHub's runner base images, creating the opportunity to launch a supply chain attack against every GitHub customer using hosted runners.
The attack path consisted of the following steps:
1. Identify public repositories using self-hosted runners in a non-ephemeral way, allowing persistence.
2. Gain initial trust by contributing innocent content, thereby overcoming GitHub's 'Require approval for first-time contributors' mitigation.
3. Introduce another pull request that executes malicious code on the runner, such as a remote access tool, allowing the attacker to gain persistence on the runner, steal secrets, and use them to increase his blast radius.
He could have inserted arbitrary code into the main branch, potentially impacting the weekly deployment of runner images.
He also gained access to internal macOS private cloud vCenter and Azure credentials, posing a serious threat to the integrity of GitHub's infrastructure.
Following self-hosted runners security best practices is essential for the security posture of an organization's CI/CD environment.
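As a starting point for auditing your own repositories against the exposure described above, the following added example (not code from the article or from the researchers) flags jobs in a workflow file that carry the `self-hosted` label while the workflow is triggered by pull requests. It is a line-based heuristic: the function name and the sample workflow are constructed for illustration, and runners targeted only through custom labels or runner groups are not detected.

```python
import re

PR_TRIGGERS = {"pull_request", "pull_request_target"}  # runs started by pull requests

def audit_workflow(text):
    """Job ids labelled self-hosted in a PR-triggered workflow (line-based heuristic)."""
    triggers, flagged, in_runs_on = set(), set(), False
    section = job = job_indent = None
    for raw in text.splitlines():
        code = raw.split(" #", 1)[0].strip()      # drop trailing comments
        indent = len(raw) - len(raw.lstrip())
        if not code or code.startswith("#"):
            continue
        if indent == 0:                           # top-level key: on, jobs, name, ...
            key, _, rest = code.partition(":")
            section, job_indent = key.strip("'\""), None
            if section == "on":                   # on: pull_request / on: [push, pull_request]
                triggers |= PR_TRIGGERS & set(re.findall(r"[\w-]+", rest))
        elif section == "on":                     # block form: first token of each nested line
            triggers |= PR_TRIGGERS & {re.match(r"-?\s*([\w-]*)", code).group(1)}
        elif section == "jobs":
            job_indent = job_indent or indent     # indentation of the job ids
            if indent == job_indent:
                job, in_runs_on = code.rstrip(":"), False
            elif code.startswith("runs-on:"):
                value = code.split(":", 1)[1]
                in_runs_on = not value.strip()    # empty value: labels follow as a list
                if "self-hosted" in re.findall(r"[\w-]+", value):
                    flagged.add(job)
            elif in_runs_on and code.startswith("-"):
                if code.lstrip("- ").strip("'\"") == "self-hosted":
                    flagged.add(job)
            else:
                in_runs_on = False
    return sorted(flagged) if triggers else []

# Constructed sample workflow (not taken from any real repository).
SAMPLE = """\
on: [push, pull_request]
jobs:
  lint:
    runs-on: ubuntu-latest
  gpu-tests:
    runs-on: [self-hosted, linux, gpu]
  docs:
    runs-on:
      - self-hosted
"""
print(audit_workflow(SAMPLE))
```

A flagged job is a prompt to check whether the repository is public, whether the runner is ephemeral, and how fork pull requests are approved before they run.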
Khan reported the vulnerability through GitHub's HackerOne program and was awarded a $20,000 bug bounty.
GitHub acknowledged the report and implemented initial mitigations.
Khan and his colleague John Stawinski expanded their research to other organizations, highlighting systemic issues with self-hosted runners in CI/CD environments.
Adnan Khan's exploration of this supply chain attack sheds light on the vulnerabilities inherent in widely-used CI/CD services like GitHub Actions.
His detailed account of exploiting the GitHub Actions Runners vulnerability serves as a cautionary tale for organizations relying on such services, underscoring the need for robust security measures and vigilant monitoring of CI/CD pipelines.
It's important to remember that GitHub Actions isn't the only CI/CD service that is susceptible to this kind of attack.
Using self-hosted runners on GitLab CI, Azure DevOps Pipelines, and other CI/CD services requires security expertise and extra caution, as they are prone to runner-based vulnerabilities.
To learn more about the looming threat of CI/CD attacks and how to avoid them, contact Legit Security or request a demo of our platform.


This Cyber News was published on securityboulevard.com. Publication date: Thu, 18 Jan 2024 15:43:04 +0000

