pypi package vulnerability • William OGOU Cybersecurity Blog

img of ConfusedComposer: GCP Cloud Build vunerability via PyPI Packages

Apr 23, 2025 9 min read

ConfusedComposer: GCP Cloud Build vunerability via PyPI Packages By William OGOU

Unpacking ConfusedComposer: Discover how Tenable found a GCP vulnerability allowing privilege escalation via malicious PyPI packages in Cloud Composer & Cloud Build.