CI/CD as the Soft Underbelly of SaaS Security
The New Attack Path
In 2023, Toyota disclosed that one of its GitHub repositories had been publicly exposed for nearly five years. The leak included credentials that allowed attackers to access sensitive internal systems. This wasn’t an isolated incident. Over the past two years, Silent Breach’s 0 Day Lab has observed an accelerating trend of attackers pivoting from developer pipelines — GitHub, GitLab, Bitbucket, Jenkins — to compromise production systems. CI/CD platforms have become the soft underbelly of SaaS security.
While most organizations lock down customer-facing applications and cloud consoles, their build pipelines remain a blind spot. Tokens, secrets, and build artifacts are often left unencrypted or exposed in public repos. Attackers know this, and they’ve industrialized their methods for finding and exploiting these weaknesses.
Inside the Attack Chain
A typical CI/CD breach begins with token discovery. Attackers use automated scripts to search GitHub, GitLab, Bitbucket, and even npm and PyPI registries for exposed secrets. Public tools like git-dorker, truffleHog, and GitLeaks make this easy, scanning commit histories, issue threads, and forks for entropy patterns and known API key formats. They’re not just looking for hard-coded credentials, but for clues — environment variables, build logs, or misconfigured .env files that contain API keys or OAuth tokens.
Once a token is obtained, the next step is API abuse. In Silent Breach’s simulated attacks, we often see lateral movement from a seemingly benign token — for example, a CI service account with “read” access to a repo — to a privileged cloud role. Many organizations unknowingly over-scope their service accounts, granting them access to production secrets or container registries. In a recent engagement with a fintech client, we gained initial access through a CircleCI token stored in a .env file. That token gave access to their deployment pipeline, where we modified a pre-deploy hook to insert a reverse shell into every production container spun up during automated release. No alarms were triggered.
With cloud access in hand, attackers proceed to lateral movement. This could mean pulling signed artifacts from an internal registry, injecting malicious code into a pipeline, or modifying build configurations to exfiltrate secrets. We often find stale admin credentials in Terraform state files, misconfigured IAM trust relationships, or public S3 buckets containing build artifacts with embedded secrets. One particularly effective technique is “CI/CD supply chain pivoting” — injecting code into a shared GitHub Action used across multiple services, exploiting the trust relationship to infect downstream apps with persistence payloads.
Persistence often follows. Attackers create stealthy shadow workflows that trigger on obscure events (issue_comment, deployment_status, check_run) and call out to external C2 endpoints. These workflows can be embedded in forks, PRs, or rarely accessed build stages, making them difficult to detect and almost never reviewed. In one case, we identified a custom GitHub webhook installed by a red teamer two months prior — it was still active and exfiltrating commit metadata.
Tools of the Trade
This style of attack has become increasingly automated. GitHub Dorks — keyword-based search strings that identify exposed credentials — are weaponized and deployed in massive scraping operations. Combined with stealer logs dumped on Telegram and Russian forums, attackers now have access to thousands of valid developer tokens and SSH keys scraped from infected machines. Silent Breach Labs recently indexed over 2.3 million developer credentials from leaked stealer logs in a single week — nearly 14% of them were still valid weeks later.
Recon bots scrape new GitHub repos within minutes of creation, watching for entropy spikes, exposed API keys, or reusable code snippets. One bot we analyzed scanned over 70,000 repos per day and maintained a live inventory of build artifacts with embedded secrets. Attackers are also using tools like repo-supervisor, semgrep, and GraphQL-based GitHub search automation to explore internal repo relationships, exposing microservice boundaries and architectural weaknesses before launching the first payload.
Why Standard Defenses Fail
Traditional pentests often miss these attack paths because they’re scoped around applications or networks, not pipelines. A typical test won’t crawl your CI/CD history, scan for leaked secrets, or chain multiple low-privilege tokens into a production compromise. Likewise, endpoint detection and response (EDR) solutions are blind to most CI/CD activity; they don’t monitor build servers or ephemeral runners, which are exactly where attackers operate.
Most organizations treat CI/CD pipelines as developer infrastructure, not production systems. As a result, security assessments, pentests, and EDR strategies rarely extend to the pipeline layer. CI runners, build agents, and artifact registries are often out of scope — even though they process sensitive tokens, compile production code, and interact directly with cloud environments.
A standard pentest will test your login page, your backend APIs, and maybe even your WAF. It won’t clone your GitHub repo, search for exposed variables, or simulate a lateral move through your pipeline into AWS. And EDR tools? They’re blind to containers that live for 60 seconds, runners that auto-delete logs, and third-party build plugins that silently execute during every merge.
In a recent red team simulation, our team compromised an Azure DevOps pipeline and injected a single line of PowerShell into the build stage. The payload pinged an external server with every deployment. Despite the organization having XDR coverage, DLP tooling, and a full SIEM stack, the beacon ran undetected for weeks — it never touched a monitored endpoint.
This blind spot leaves even mature security programs vulnerable. Passing SOC 2 or ISO 27001 audits provides no guarantee your pipeline isn’t bleeding secrets. Compliance frameworks lag behind attacker tactics.
Detection and Prevention
The first step is visibility. Regularly scan your repositories, build logs, and container registries for exposed credentials using tools like truffleHog or GitLeaks. Treat CI/CD secrets as production credentials: rotate them, scope them minimally, and store them in managed secret vaults. Silent Breach recommends combining entropy-based scanners (truffleHog, GitLeaks) with pattern-matching tools (detect-secrets, semgrep) and maintaining a continuous monitoring solution (Hound, EDAMAME) or a custom GitHub webhook to scan new pushes in real time.
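The sketch below shows how the two scanning approaches complement each other: known token shapes are matched by pattern, and values assigned to secret-looking names are flagged only when their entropy is high, which filters out placeholders. It is an added example, not Silent Breach's tooling and not how truffleHog or GitLeaks are implemented; the 4.0 threshold, the variable-name keywords and the sample inputs are assumptions.

```python
import math
import re
from collections import Counter

# Pattern-matching half: publicly documented token shapes.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
}
# Entropy half: a long value assigned to a secret-looking variable name.
ASSIGN = re.compile(
    r"(?i)\b([A-Z0-9_]*(?:SECRET|TOKEN|KEY|PASSWORD)[A-Z0-9_]*)"
    r"\s*[=:]\s*['\"]?([A-Za-z0-9+/_\-]{20,})"
)
ENTROPY_THRESHOLD = 4.0  # bits per character; assumed cut-off, tune per repo


def shannon_entropy(value):
    """Shannon entropy of the string in bits per character."""
    total = len(value)
    return -sum(n / total * math.log2(n / total) for n in Counter(value).values())


def scan(path, text):
    """Return (path, line number, rule) for each suspected secret in text."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        named = [rule for rule, rx in PATTERNS.items() if rx.search(line)]
        if named:
            findings += [(path, lineno, rule) for rule in named]
            continue  # already reported by a specific rule
        m = ASSIGN.search(line)
        if m and shannon_entropy(m.group(2)) >= ENTROPY_THRESHOLD:
            findings.append((path, lineno, "high_entropy:" + m.group(1)))
    return findings


# Constructed sample inputs; none of these values is a real credential.
SAMPLE_ENV = (
    "APP_NAME=billing-service\n"
    "CIRCLECI_TOKEN=q8Zr2LxV7mNc4TbY9sKd1HfWg6Pj3Ue0AaBo5CiD\n"
    "API_KEY=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\n"
    "AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\n"
)
SAMPLE_LOG = "+ curl -H 'Authorization: token ghp_" + "A1b2C3d4E5f6" * 3 + "' ...\n"

if __name__ == "__main__":
    for finding in scan(".env", SAMPLE_ENV) + scan("build.log", SAMPLE_LOG):
        print(finding)
```

The low-entropy `API_KEY` placeholder is skipped, while the CircleCI-style token with no fixed prefix is caught by entropy alone.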
Secrets management must be enforced. Store all tokens and keys in managed vaults like AWS Secrets Manager, HashiCorp Vault, or Doppler. Never pass credentials in build scripts or environment variables without encryption. Enforce tight scoping and short TTLs.
Implement pipeline hardening. Require MFA for developer accounts. Use ephemeral runners instead of long-lived build agents. Audit third-party GitHub Actions or build plugins before adoption. And critically, include your CI/CD stack in penetration tests and red team exercises — attackers already are.
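One way to review workflow files for both the shadow-workflow triggers described under "Inside the Attack Chain" and unvetted third-party Actions is a small audit script. This is an added example, not Silent Breach's framework; the host allowlist, the rule names and the sample workflow are assumptions, and the parser is a line-based approximation rather than a full YAML reader.

```python
import re

# Triggers the article names as rarely reviewed.
RARE_EVENTS = {"issue_comment", "deployment_status", "check_run"}
# Assumed allowlist of hosts this organisation expects workflows to contact.
ALLOWED_HOSTS = {"github.com", "api.github.com"}
USES = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^'\"\s#]+)")
URL_HOST = re.compile(r"https?://([A-Za-z0-9.-]+)")

def on_block(lines):
    """Return the lines belonging to the top-level `on:` section."""
    block, inside = [], False
    for line in lines:
        if re.match(r"['\"]?on['\"]?\s*:", line):
            inside = True
        elif inside and line[:1] not in ("", " ", "\t", "#", "-"):
            break  # the next top-level key ends the section
        if inside:
            block.append(line)
    return block

def audit_workflow(path, text):
    """Return (path, rule, detail) findings for one workflow file."""
    lines = text.splitlines()
    triggers = set(re.findall(r"[a-z_]+", "\n".join(on_block(lines))))
    findings = [(path, "rare-trigger", ev) for ev in sorted(triggers & RARE_EVENTS)]
    for line in lines:
        m = USES.match(line)
        if m and not m.group(1).startswith(("./", "docker://")):
            # Tags and branches can be moved; only a full commit SHA is fixed.
            if not re.fullmatch(r"[0-9a-f]{40}", m.group(1).rpartition("@")[2]):
                findings.append((path, "unpinned-action", m.group(1)))
        for host in URL_HOST.findall(line):
            if host.lower() not in ALLOWED_HOSTS:
                findings.append((path, "external-host", host))
    return findings

# Constructed workflow: example-org/shared-action, the host and the SHA are made up.
PINNED = "0123456789abcdef" * 2 + "01234567"
SAMPLE = f"""\
on:
  issue_comment:
jobs:
  sync:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@{PINNED}
      - uses: example-org/shared-action@v1
      - run: curl -s https://collector.example.net/ping
"""
```

Run `audit_workflow` over every file under `.github/workflows/` on each push and review any finding that was not present in the previous commit.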
Finally, include CI/CD in red team ops. Silent Breach’s offensive simulation framework now includes dedicated modules for GitHub, GitLab, and Bitbucket analysis, including token harvesting, workflow enumeration, and privilege mapping. Our clients have found that even hardened environments hide years of drift and developer convenience shortcuts.
Closing Thoughts
CI/CD platforms are now part of your attack surface. They’re rich in secrets, under-monitored, and increasingly exploited. In our own offensive engagements, Silent Breach routinely finds overlooked tokens and over-privileged service accounts that would let a determined attacker walk straight from GitHub into production. We’ve compromised dozens of organizations without touching a login page, simply by chaining together open-source intelligence, developer missteps, and overlooked pipeline access.
CI/CD is no longer a developer convenience. It’s a production attack surface, complete with secrets, permissions, artifacts, and direct lines into your cloud infrastructure. Yet most organizations don’t monitor it, don’t test it, and don’t even see it.
Security leaders must expand their threat models beyond the perimeter. Your pipeline is your soft underbelly. Test it like an adversary would — before someone else does.
Silent Breach helps organizations harden their CI/CD pipelines by simulating real‑world attacks against developer workflows. Ready to test your pipeline like an attacker would? Get in touch with our red team.
About Silent Breach: Silent Breach is an award-winning provider of cyber security services. Our global team provides cutting-edge insights and expertise across the Data Center, Enterprise, SME, Retail, Government, Finance, Education, Automotive, Hospitality, Healthcare and IoT industries.