CodeBreach: Infiltrating the AWS Console Supply Chain and Hijacking AWS GitHub Repositories via CodeBuild
Wiz Research uncovered CodeBreach, a critical vulnerability in AWS CodeBuild that allowed attackers to take over key AWS GitHub repositories, including the JavaScript SDK powering the AWS Console. The issue stemmed from a misconfiguration in the CodeBuild pipelines' webhook filters, which failed to anchor regex patterns, enabling unauthenticated attackers to infiltrate the build environment and steal privileged credentials. AWS promptly addressed the issue and implemented new security measures to prevent similar attacks in the future.
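The anchoring failure described above can be checked for mechanically. The following is an added example, not code from Wiz Research or AWS: a small audit that tests whether an allowlist-style filter pattern accepts only the intended values. The IDs, the filter names and the use of Python's re.search to model how a filter is evaluated are assumptions made for illustration.

```python
import re

# Constructed sample data: the IDs and filter names are illustrative only.
ALLOWED_IDS = ["1001", "20345"]
FILTERS = [
    {"name": "unanchored", "pattern": "1001|20345"},
    {"name": "half-anchored", "pattern": "^1001|20345$"},
    {"name": "anchored", "pattern": "^(?:1001|20345)$"},
]


def anchored_allowlist(values):
    """Build a pattern that accepts exactly the listed values and nothing else."""
    return "^(?:" + "|".join(re.escape(v) for v in values) + ")$"


def overmatches(pattern, allowed):
    """Return probe strings that are not allowed values but still pass the filter.

    Assumption: the filter is applied as an unanchored regex search,
    modelled here with re.search.
    """
    rx = re.compile(pattern)
    probes = set()
    for v in allowed:
        # Superstrings of each allowed value: extra prefix, extra suffix, both.
        probes.update({"9" + v, v + "9", "9" + v + "9"})
    return sorted(p for p in probes - set(allowed) if rx.search(p))


def audit(filters, allowed):
    """Map each filter name to its over-matching probes and any allowed value it rejects."""
    report = {}
    for f in filters:
        missing = [v for v in allowed if not re.search(f["pattern"], v)]
        report[f["name"]] = {
            "overmatch": overmatches(f["pattern"], allowed),
            "missing": missing,
        }
    return report


if __name__ == "__main__":
    for name, result in audit(FILTERS, ALLOWED_IDS).items():
        print(name, result)
```

The half-anchored case is the one reviews tend to miss: in "^1001|20345$" each anchor binds to only one alternative, so the pattern still accepts superstrings of both values.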