Summary
CI/CD platforms, build tools, artefact registries, signing services, or third-party SaaS services used in the software build and release path are compromised, enabling attackers to inject malicious code into production artefacts without modifying source code or declared dependencies.
Description
This risk is distinct from RI-10 Dependency and Transitive Supply Chain Compromise, which concerns the integrity of software packages consumed as dependencies. RI-11 concerns the integrity of the tools and services that build, sign, store, and deploy those packages. A compromised build tool can inject malicious code into every artefact it produces; a compromised artefact registry can substitute tampered binaries for legitimate builds; a compromised signing service can certify malicious artefacts as trusted. Because these tools operate with elevated privileges across the entire delivery pipeline, their compromise has an outsized blast radius.
The SolarWinds (2020) and Codecov (2021) incidents demonstrated that build toolchain and service compromise can persist undetected for months, affecting thousands of downstream organisations simultaneously.
- Compromised CI/CD platforms and build agents — Attackers gaining access to build infrastructure to inject malicious steps into pipelines, modify build scripts, or exfiltrate secrets available to the build process
- Pipeline secret exfiltration — Extraction of signing keys, deployment credentials, API tokens, or cloud provider credentials from CI/CD environments, enabling subsequent attacks on production systems
- Artefact registry tampering — Modification or substitution of build artefacts in package registries, container registries, or binary repositories after legitimate builds have completed
- Signing service compromise — Compromise of code-signing infrastructure, enabling attackers to produce artefacts that pass signature verification and are treated as trusted by downstream consumers
- Third-party SaaS service compromise — Managed services integrated into the build and release path (code quality tools, security scanners, deployment orchestrators) compromised to inject malicious payloads or exfiltrate source code and secrets
- Ephemeral runner exploitation — Exploitation of shared or insufficiently isolated CI/CD runners to access secrets, build artefacts, or source code from other projects sharing the same infrastructure
Consequences
- Silent injection of malicious code into production — Compromised build tools can modify artefacts during compilation, packaging, or deployment without any trace in source control, making detection through code review or source-level scanning impossible.
- Compromise of the trust chain — If signing keys or attestation services are compromised, the organisation loses the ability to distinguish legitimate artefacts from tampered ones, undermining the entire basis for deployment trust decisions.
- Cross-project blast radius — Build infrastructure typically serves multiple projects and teams. A single compromised build agent, shared runner, or CI/CD platform can affect every project that uses it.
- Credential theft enabling further attacks — CI/CD environments routinely hold deployment credentials, cloud provider keys, and service tokens. Exfiltration of these credentials enables attackers to directly access production environments (ri-9) or deploy unauthorised changes (ri-8).
- Regulatory and compliance exposure — Regulators expect organisations to demonstrate the integrity of their software delivery pipeline. Inability to assure that build tools and services have not been tampered with undermines compliance with DORA Article 7, PCI DSS Requirement 6, SOX Section 404, and NIST supply chain risk management frameworks.
- Extended dwell time — Build toolchain compromises are particularly difficult to detect because the malicious activity occurs within trusted infrastructure and may produce artefacts that pass all standard security checks.