A new type of attack affecting major CI/CD service providers. Attackers can exploit CI/CD cache mechanisms to inject malicious code or steal your secrets.
This information is detailed in the paper by Gu, Ying, Chai, Pu, Duan and Gao "More Haste, Less Speed: Cache Related Security Threats in Continuous Integration Services".
Link:[<a target="_blank" href="https://www.computer.org/csdl/proceedings-article/sp/2024/313000a138/1Ub23VSl4re">https://www.computer.org/csdl/proceedingsarticle/sp/2024/313000a138/1Ub23VSl4re</a>]
<hr />
<img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1713685275085/eadc6486-f445-4270-a7cb-edd9f04a7708.png" alt class="image--center mx-auto" />

A new type of attack affecting major CI/CD service providers. Attackers can exploit CI/CD cache mechanisms to inject malicious code or steal your secrets.

This information is detailed in the paper by Gu, Ying, Chai, Pu, Duan and Gao "More Haste, Less Speed: Cache Related Security Threats in Continuous Integration Services".

Link:\[[https://www.computer.org/csdl/proceedingsarticle/sp/2024/313000a138/1Ub23VSl4re](https://www.computer.org/csdl/proceedings-article/sp/2024/313000a138/1Ub23VSl4re)\]

---

![](https://cdn.hashnode.com/res/hashnode/image/upload/v1713685275085/eadc6486-f445-4270-a7cb-edd9f04a7708.png align="center")

Securing Bits

Securing Bits

Cache Attacks on CI/CD Systems