Wiz Research uncovered a critical vulnerability, named CodeBreach, in AWS CodeBuild that allowed unauthorized access to key AWS GitHub repositories, notably the JavaScript SDK for the AWS Console. This flaw, stemming from unanchored regex filters in build triggers, let attackers exploit CI/CD processes to extract sensitive credentials, potentially compromising many AWS accounts. Recommendations for safeguarding against such vulnerabilities include implementing strict build gates and securing GitHub connections. AWS promptly remediated the issue and issued additional hardening measures in response to the findings. The incident underscores the increasing targeting of CI/CD environments by attackers.
https://www.wiz.io/blog/wiz-research-codebreach-vulnerability-aws-codebuild

