Attackers can abuse Google Cloud Build to poison production environments
Researchers warn that a permission associated with the Google Cloud Build service in Google Cloud can be easily abused by attackers with access to a regular account to elevate their privileges and potentially poison container images used in production environments. Google Cloud Build is a CI/CD platform that allows organizations and developers to execute code…