Attacks on DevOps environments grew by 21% in 2025, causing double the downtime and hundreds of thousands of dollars in lost productivity. Threat actors are increasingly exploiting OAuth flows and personal access tokens to turn trusted automation pipelines into malware distribution channels.