Supply Chain Vuln Compromised Core AWS GitHub Repos & Threatened the AWS Console

created: Jan. 15, 2026, 5:30 p.m. | updated: Jan. 16, 2026, 12:36 a.m.

The issue allowed a complete takeover of key AWS GitHub repositories, most notably the AWS JavaScript SDK, a core library that powers the AWS Console. The vulnerability stemmed from a subtle flaw in how the repositories’ AWS CodeBuild CI pipelines handled build triggers. To interact with GitHub, CodeBuild requires GitHub credentials, which are, by default, present in the memory of the build environment. The flaw meant that any GitHub user ID that is a superstring of an approved ID could bypass the filter.

Statement from AWS: AWS investigated all reported concerns highlighted by Wiz’s research team in "Infiltrating the AWS Console Supply Chain: Hijacking Core AWS GitHub Repositories via CodeBuild."
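The superstring bypass described above, as an added example (not code from AWS, Wiz or the original page): it assumes the build-trigger filter is a regular expression of approved IDs applied with substring-search semantics, and every ID, pattern and function name here is constructed for illustration. It goes slightly beyond the page by also flagging the half-anchored form `^a|b$`, where each anchor binds to only one alternative.

```python
import re

def split_top_level(pattern):
    """Split a regex on '|' characters that sit outside groups, classes and escapes."""
    parts, cur, depth, in_class, i = [], [], 0, False, 0
    while i < len(pattern):
        c = pattern[i]
        if c == "\\":                       # keep an escaped char with its backslash
            cur.append(pattern[i:i + 2]); i += 2; continue
        if in_class:
            in_class = c != "]"
        elif c == "[":
            in_class = True
        elif c == "(":
            depth += 1
        elif c == ")":
            depth -= 1
        elif c == "|" and depth == 0:       # top-level alternation boundary
            parts.append("".join(cur)); cur = []; i += 1; continue
        cur.append(c); i += 1
    parts.append("".join(cur))
    return parts

def unanchored_alternatives(pattern):
    """Alternatives lacking both ^ and $, i.e. able to match inside a longer ID."""
    def anchored(alt):
        return alt.startswith("^") and alt.endswith("$") and not alt.endswith("\\$")
    return [alt for alt in split_top_level(pattern) if not anchored(alt)]

def admitted(pattern, actor_ids):
    """IDs accepted when the filter is applied as a substring search (assumption)."""
    rx = re.compile(pattern)
    return [a for a in actor_ids if rx.search(a)]

# Constructed sample data: two approved IDs and three IDs that are not approved.
APPROVED = ["755743", "1234567"]
OUTSIDERS = ["7557430001", "2261234567", "9001"]   # first two are superstrings
WEAK = "755743|1234567"            # no anchors at all
HALF = "^755743|1234567$"          # anchors bind to one alternative each
FIXED = "^(755743|1234567)$"       # group first, then anchor the whole match

if __name__ == "__main__":
    for name, pat in (("weak", WEAK), ("half", HALF), ("fixed", FIXED)):
        extra = [a for a in admitted(pat, APPROVED + OUTSIDERS) if a not in APPROVED]
        print(f"{name:5} {pat!r}: unanchored={unanchored_alternatives(pat)} "
              f"unapproved_admitted={extra}")
```
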

7 hours, 20 minutes ago: Hacker News