AWS CodeBuild Webhook Filter Misconfiguration Enabled Potential Takeover of AWS GitHub Repositories
Security researchers at Wiz disclosed a critical AWS CodeBuild misconfiguration (dubbed CodeBreach) that could have enabled unauthenticated attackers to trigger CI builds from untrusted pull requests, access the build environment, and exfiltrate privileged credentials such as GitHub admin tokens. With those tokens, an attacker could have pushed malicious commits into AWS-managed open-source repositories—creating a high-impact software supply chain pathway that could have cascaded into widespread compromise, including risk to dependencies like the AWS JavaScript SDK and potentially components used by the AWS Console itself. AWS was notified on 2025-08-25 and remediated the issue in September 2025.
The root cause was described as a weakness in CodeBuild’s webhook filtering logic intended to restrict which events/users can trigger builds; affected repositories used an ACTOR_ID regex filter that omitted the ^ and $ anchors, allowing bypass of the intended match constraints. Reported impacted AWS-managed GitHub repositories included aws-sdk-js-v3, aws-lc, amazon-corretto-crypto-provider, and awslabs/open-data-registry, all configured to run builds on pull requests. Separate reporting on abuse of self-hosted GitHub Actions runners as backdoors (including the Shai-Hulud worm technique) is related at a thematic CI/CD level but does not describe the CodeBuild misconfiguration or the AWS repository takeover scenario.
Timeline
Jan 15, 2026
Wiz publicly discloses CodeBreach research
Wiz publicly revealed that the CodeBuild misconfiguration could have enabled takeover of AWS-managed GitHub repositories, including the AWS SDK for JavaScript, creating potential for a major supply-chain compromise. The researchers described how a malicious pull request could expose privileged GitHub tokens and enable repository-admin actions.
Sep 1, 2025
AWS fully fixes CodeBreach issue and rotates credentials
In September 2025, AWS completed broader fixes for the affected CodeBuild project configurations, added mitigations, and rotated exposed credentials. AWS said it found no customer impact and no evidence of in-the-wild exploitation.
Aug 27, 2025
AWS mitigates core CodeBuild bypass within 48 hours
Within 48 hours of Wiz's disclosure, AWS mitigated the core bypass that allowed malicious GitHub actor IDs to match approved IDs as substrings. This reduced the immediate risk of unauthorized build triggering against affected projects.
Aug 25, 2025
Wiz reports AWS CodeBuild 'CodeBreach' issue to AWS
Wiz responsibly disclosed a critical AWS CodeBuild misconfiguration dubbed 'CodeBreach' to AWS on 2025-08-25. The flaw involved unanchored regular expressions in webhook ACTOR_ID filters, creating a path to bypass trusted-actor restrictions and potentially access privileged GitHub credentials.
See the full picture in Mallory
Mallory subscribers get deeper analysis on every story, including:
Who’s affected and how
Deep-dive technical analysis
Actionable next steps for your team
IPs, domains, hashes, and more
Ask questions and take action on every story
Filter by topic, classification, timeframe
Get matching stories delivered automatically
Related Entities
Organizations
Affected Products
Sources
Related Stories
Misconfigured `pull_request_target` GitHub Actions enabled supply chain compromises
Researchers reported that insecure GitHub Actions workflows using the privileged `pull_request_target` trigger exposed major open source repositories to secret theft and supply chain abuse. Sysdig found workflows in projects including **MITRE** `mitre-attack/car`, **Splunk** `security_content`, and **spotipy** that checked out and executed untrusted forked pull request code in privileged CI contexts, enabling exfiltration of secrets and abuse of high-permission `GITHUB_TOKEN` access. Spotipy assigned **`CVE-2025-47928`** and fixed the issue after disclosure, MITRE remediated its workflow, and Splunk patched its pipeline. Wiz later described a large-scale campaign dubbed **prt-scan** that weaponized the same weakness across GitHub, sending more than 500 malicious pull requests in multiple waves and using increasingly tailored, AI-assisted payloads against Python, Node.js, Go, Rust, and GitHub Actions projects. Most attempts were blocked by contributor approval gates and workflow restrictions, but Wiz confirmed compromise of at least two npm packages—**`@codfish/eslint-config`** and **`@codfish/actions`**—across 106 versions, along with theft of credentials including **AWS keys**, **Cloudflare API tokens**, and **Netlify auth tokens**. The incidents underscored that repositories running untrusted PR code under `pull_request_target` can turn CI/CD pipelines into a direct path for secret exposure and downstream package compromise.
2 weeks ago
Critical AWS Ops Wheel Flaws Enable Admin Takeover via JWT Forgery and Cognito Abuse
AWS disclosed two severe vulnerabilities in **AWS Ops Wheel** that can let attackers seize administrative control of deployments and manipulate tenant data. **`CVE-2026-6911`** is an authentication bypass caused by missing JWT signature verification at the API Gateway endpoint, allowing unauthenticated attackers to forge tokens and gain unintended admin access. AWS said successful exploitation could let attackers read, modify, and delete application data across tenants and manage Cognito user accounts in the deployment's User Pool; the flaw is tracked as **`CWE-347`** and carries a critical **CVSS v3.1 `AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H`** rating. AWS also fixed **`CVE-2026-6912`**, a privilege-escalation issue in Ops Wheel's Cognito User Pool configuration that let authenticated users promote themselves to deployment administrator by setting the **`custom:deployment_admin`** attribute through the `UpdateUserAttributes` API. The bug, classified as **`CWE-915`**, exposed the same ability to manage Cognito user accounts and carried a high-severity **CVSS v3.1 `AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H`** score. AWS directed customers to redeploy from the updated repository and apply the fixes to any forked or derivative code, with patches referenced in an AWS security bulletin, a GitHub pull request, and a GitHub security advisory.
1 weeks ago
GitHub Patched Critical `git push` RCE Affecting Cloud and Enterprise Server
GitHub disclosed and patched **CVE-2026-3854**, a critical command-injection flaw in its `git push` pipeline that allowed an authenticated user with repository push access to trigger remote code execution using a single crafted push. Wiz reported the bug on March 4, and GitHub said it reproduced the issue within about 40 minutes and deployed a fix to GitHub.com within roughly two hours, later publishing patches for supported GitHub Enterprise Server releases including **3.14.24, 3.15.19, 3.16.15, 3.17.12, 3.18.6, and 3.19.3**. The vulnerability stemmed from unsanitized user-supplied push option values being inserted into internal `X-Stat` headers, enabling attackers to inject trusted metadata, bypass sandboxing, and execute commands as the `git` service user. Researchers said the flaw could have led to **full server compromise** on GitHub Enterprise Server and, on GitHub.com, code execution on shared storage infrastructure where millions of repositories were accessible to the git service account, creating potential cross-tenant exposure. GitHub said forensic analysis and telemetry found **no evidence of malicious exploitation** and no indication that customer data was accessed, modified, or exfiltrated, but urged Enterprise Server administrators to upgrade immediately and review logs for suspicious push activity. Wiz described the bug as easy to exploit and highlighted its use of AI-assisted reverse engineering tools, including **IDA MCP**, to uncover the issue in GitHub’s closed-source components.
3 days ago