How We Impersonated Cloud Code by Google Cloud and Took Over GCP Accounts

The Upwind security research team is constantly examining threat landscapes and potential attack paths. In one of our recent searches, we discovered an anomaly in the authentication behavior of Google Developer tools that security practitioners should be aware of.  We discovered this threat landscape by running scans on GCP Cloud Code, during which we found […]