The CircleCI security breach leaves most of its CI/CD platform clients with a pile of time-consuming cleanup of assorted keys, tokens and variables as they are forced to immediately rotate secrets.
The greatest present threat to CI/CD security is insufficient flow control, or a lack of mechanisms in place to require additional approval prior to allowing code to be pushed down the pipeline.