Cache Attacks on CI/CD Systems

Cache Attacks on CI/CD Systems

A new type of attack affecting major CI/CD service providers. Attackers can exploit CI/CD cache mechanisms to inject malicious code or steal your secrets.

This information is detailed in the paper by Gu, Ying, Chai, Pu, Duan and Gao "More Haste, Less Speed: Cache Related Security Threats in Continuous Integration Services".

Link:[https://www.computer.org/csdl/proceedingsarticle/sp/2024/313000a138/1Ub23VSl4re]