Dark Reading

Google Cloud Build Flaw Enables Privilege Escalation, Code Tampering

A newly discovered vulnerability in Google Cloud Build enables attackers to tamper with and inject malware into images stored in Artifact Registry, Google's repository for hosting software artifacts ...
CSOonline

Attackers can abuse Google Cloud Build to poison production environments

Researchers warn that a permission associated with the Google Cloud Build service in Google Cloud can be easily abused by attackers with access to a regular account to elevate their privileges and ...