CI/CD credential theft exposed the real identity crisis in supply chains

At a glance

What this is: This is an analysis of how compromised CI/CD pipeline credentials turned trusted automation into authenticated access across Cisco and the European Commission.

Why it matters: It matters because IAM and NHI teams have to govern machine identities, token scope, and cross-environment reach before stolen credentials become operational access.

By the numbers:

• The European Commission breach reached 340 GB of data before detection.
• Cisco’s breach reportedly touched over 300 GitHub repositories.
• The European Commission incident impacted 42 internal clients and 29 other Union entities.

👉 Read Unosecur’s analysis of the Cisco and European Commission supply chain breaches

Context

A supply chain compromise becomes an identity problem when trusted automation can authenticate an attacker with valid credentials. In this case, the issue is not a missing patch or a broken perimeter, but the way CI/CD systems accumulate secrets, tokens, cloud keys, and privileged access that can outlive the job they were meant to support.

The article argues that modern NHI governance fails when machine identities are treated as invisible plumbing instead of managed access paths. That is a typical failure pattern in large environments: once credentials are embedded in pipelines and broadly reachable from build contexts, the damage follows permission scope rather than the original point of compromise.

Key questions

Q: How should security teams govern credentials used by CI/CD pipelines?

A: Security teams should treat CI/CD credentials as production-grade machine identities and apply least privilege, short lifetimes, and continuous monitoring. The key is to limit what the pipeline can reach, revoke secrets quickly, and audit every privilege path that could let one stolen token spread across repositories, cloud accounts, or SaaS systems.

Q: What is the difference between secret rotation and reducing identity blast radius?

A: Secret rotation changes the credential, but blast-radius reduction changes what the credential can reach. Rotation helps after compromise, yet it does not fix overprivilege, cross-account trust, or lingering access paths. Teams need both, because a rotated secret still leaves risk behind if the original permissions were too broad.

Q: Why do valid credentials create harder-to-detect breaches?

A: Valid credentials bypass many traditional security signals because the access looks legitimate at the protocol level. The abuse shows up in identity context, not in obvious malware or exploit indicators. That is why teams need behavioural baselines for machine identities, not just perimeter alerts or signature-based detections.

Q: How can organisations reduce the risk from compromised service accounts and tokens?

A: Organisations should inventory every non-human identity, remove unnecessary permissions, enforce short TTLs where possible, and log usage at the identity layer. Then they should test whether one compromised token can move from the pipeline into source code, cloud resources, or downstream SaaS data.

Technical breakdown

How compromised CI/CD credentials turn into authenticated access

CI/CD pipelines often run with access to source code, cloud services, package registries, and SaaS controls. If a malicious dependency or build step can read environment variables, mounted secrets, or cached tokens, it can steal the credentials that the pipeline legitimately uses to operate. The attacker does not need to defeat authentication after the fact. They inherit it. That is why build-time compromise is so dangerous: a single trusted execution context can expose many downstream identities, each with different privilege and lifecycle rules. In NHI terms, the pipeline becomes a credential concentrator rather than a safe automation boundary.

Practical implication: Treat build environments as identity-bearing systems and restrict what they can see, use, and export.

Why valid credentials evade ordinary detection

Most security tooling is tuned to spot malware, exploit chains, or abnormal network behaviour on human endpoints. Credential abuse inside a pipeline looks different. The access is syntactically correct, the token is valid, and the actions often match approved API calls or repository operations. Detection therefore depends on identity context, such as expected token use, normal resource scope, and whether an access key was created, cloned, or reused in a way the owner never intended. This is the gap ITDR is meant to cover, because the threat is not unauthorized syntax. It is authorized behaviour in the wrong hands.

Practical implication: Use identity behaviour monitoring to flag impossible token use, unusual scope expansion, and new access key creation.

How one secret can create a large blast radius

A cloud credential with management rights can chain into many services because privileges are inherited through trust relationships, not isolated to one workload. When a single token can enumerate accounts, create new access keys, or reach linked systems, the blast radius is defined by authorization design, not by where the secret was stored. This is why secret rotation alone is incomplete if residual trust paths remain open. The security question is whether the stolen identity can move laterally, persist, or mint new access before defenders detect it.

Practical implication: Map transitive access paths for every high-value NHI and remove management rights that are not strictly required.

Threat narrative

Attacker objective: The objective was to convert trusted automation credentials into durable authenticated access across source code, cloud infrastructure, and downstream data stores.

1. Entry occurred through a compromised CI/CD context that exposed pipeline credentials during routine execution.
2. Escalation followed when stolen tokens and cloud keys were used to authenticate to internal systems and create persistent access paths.
3. Impact included repository cloning, cloud activity, and large-scale data exposure across connected environments.

Breaches seen in the wild

• Shai Hulud npm malware campaign — Shai Hulud campaign: npm malware exposed secrets on GitHub.
• Reviewdog GitHub Action supply chain attack — reviewdog/action-setup GitHub Action supply chain attack exposed secrets.

Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.

NHI Mgmt Group analysis

Credential theft in CI/CD pipelines is now a primary supply chain risk, not a niche implementation flaw. The source article shows that attackers can abuse trusted build contexts to collect tokens, cloud keys, and access secrets without needing an exploit chain. That shifts the centre of gravity from software vulnerability management to identity governance across automation layers. Practitioners should treat CI/CD identity as production identity, with comparable controls and review discipline.

Identity blast radius is the decisive variable when machine credentials are compromised. The two breaches differed in scope, but the determining factor was the same: what the stolen identity was allowed to reach. Once a credential can traverse repositories, cloud accounts, and affiliated services, the incident outcome is defined by authorization design rather than the original compromise point. Teams should measure transitive access, not just secret inventory.

Ephemeral trust debt describes the hidden risk created when temporary pipeline access keeps permanent reach. Temporary jobs often accumulate persistent permissions, cached secrets, and reusable tokens that survive the task they were issued for. That makes “ephemeral” access behave like standing privilege if lifecycle controls are weak. Practitioners should align short-lived credentials with strict scope, short TTLs, and automatic invalidation.

Detection must move from event-based alerts to identity behaviour baselines. The article makes clear that valid credentials can produce normal-looking activity while still being malicious. That means defenders need context such as token provenance, typical call patterns, and expected resource boundaries. Security teams should assume that authenticated activity may be hostile until its identity behaviour matches baseline.

Cross-environment identity stitching is now a core governance requirement. The breach narrative spans CI/CD, source control, cloud accounts, and SaaS records, which is exactly how modern NHI risk propagates. Single-layer controls miss that movement because they do not see the full chain. Practitioners should build governance around the connected identity graph, not isolated platforms.

From our research:

• The average estimated time to remediate a leaked secret is 27 days, despite 75% of organisations expressing strong confidence in their secrets management capabilities, according to The State of Secrets in AppSec.
• 43% of security professionals are concerned about AI systems learning and reproducing sensitive information patterns from codebases, according to The State of Secrets in AppSec.
• For a broader control lens, review Ultimate Guide to NHIs for lifecycle, visibility, and access governance patterns that limit blast radius.

What this signals

Identity governance for automation now has to assume shared trust across the software supply chain. If a build system can read secrets, it can also leak them, and that means the governance model must cover how credentials move between CI/CD, source control, and cloud control planes. Teams that still manage these domains separately will continue to miss the paths attackers actually use.

Blast-radius mapping is becoming a board-relevant control, not a technical convenience. The difference between a contained incident and a cross-entity exposure often comes down to one privileged token. In our research, organisations take an average of 27 days to remediate a leaked secret, which makes pre-compromise containment far more valuable than post-compromise cleanup. The operational task is to find the identities that can cross boundaries before attackers do.

Ephemeral credential trust debt is now a useful planning concept for NHI programmes. It describes the gap between a credential’s intended short life and its real ability to persist through caches, cloned tokens, and inherited permissions. Teams should pair short TTLs with strict reach limits and automated invalidation so temporary access does not behave like standing privilege.

For practitioners

• Map CI/CD credential reach across systems Inventory which pipeline secrets, tokens, and cloud keys can reach source control, cloud accounts, SaaS tools, and deployment systems. Remove any transitive access that is not required for the build or release task.
• Shorten the lifespan of build-time credentials Replace long-lived secrets with narrowly scoped, short TTL credentials wherever possible. Revoke access automatically when the job ends and ensure cached tokens are not reusable outside the pipeline run.
• Monitor identity behaviour inside automation Baseline token usage, repo access patterns, key creation events, and API call volume for each pipeline identity. Alert on new access keys, unusual cloning activity, or access from unfamiliar execution contexts.
• Separate blast-radius domains for high-value NHIs Use account segmentation, permission boundaries, and environment isolation so one compromised secret cannot reach unrelated repositories or cloud tenants. Review management rights on every privileged machine identity.

Key takeaways

• CI/CD compromise is an identity problem when trusted automation can hand attackers valid credentials.
• The damage from stolen machine identities follows permission scope, so blast radius matters as much as secret theft.
• NHI programmes should prioritise identity context, short-lived access, and cross-environment segmentation over isolated secret rotation.

Key terms

• Non-Human Identity: A non-human identity is any digital identity used by software rather than a person. It includes service accounts, API keys, tokens, certificates, bots, workloads, and AI agents. In practice, these identities often carry broad permissions and need lifecycle controls, just like human accounts.
• Identity Blast Radius: Identity blast radius is the set of systems, data, and accounts that a compromised identity can reach. It is a practical measure of how far one stolen secret can spread inside an environment, especially when trust relationships connect CI/CD, cloud, source control, and SaaS.
• Ephemeral Credential: An ephemeral credential is a short-lived secret issued for a specific task or time window. It reduces exposure if handled correctly, but it still creates risk when it can be cached, copied, or reused beyond its intended scope. Short lifetime does not automatically mean low risk.
• Identity Threat Detection and Response: Identity Threat Detection and Response is the practice of watching how identities behave and responding when that behaviour becomes suspicious. For NHIs, it focuses on token use, privilege changes, access patterns, and key creation events rather than malware signatures or endpoint alerts.

What's in the full article

Unosecur's full blog covers the operational detail this post intentionally leaves for the source:

• The Trivy compromise path and how the malicious release captured pipeline secrets during normal build execution.
• The Cisco and European Commission access paths with specific credential-to-system chains that show how the blast radius expanded.
• The identity-layer explanation of how token rotation, key creation, and authenticated cloud access combined into persistent compromise.
• The vendor’s incident-linked mitigation context for teams that need to compare their own control gaps against a real breach pattern.

👉 Unosecur’s full post covers the credential chain, downstream exposure, and identity-layer response detail.

Deepen your knowledge

CI/CD credential governance and machine identity blast-radius control are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If your pipelines still hold broad access to cloud and source control, this is a strong place to start.