Yuval Avrahami
Vulnerability researcher at Wiz who led the CodeBreach research into AWS CodeBuild misconfigurations and supply-chain risks, and presents technical findings and remediation guidance.
Best podcasts with Yuval Avrahami
Ranked by the Snipd community
4 snips
Mar 21, 2026 • 17min
A subtle flaw, a massive blast radius. [Research Saturday]
Yuval Avrahami, vulnerability researcher at Wiz who led the CodeBreach investigation, explains how a tiny CI/CD misconfiguration opened the door to hijacking major AWS GitHub repositories. He describes the unanchored regex flaw, how builds could be triggered to steal credentials, and why public repos and pipelines are high-value targets. The discussion covers attack steps and AWS’s remediation.
