vulnerability

img of ConfusedComposer: GCP Cloud Build vunerability via PyPI Packages

Apr 23, 2025 9 min read

ConfusedComposer: GCP Cloud Build vunerability via PyPI Packages By William OGOU

Unpacking ConfusedComposer: Discover how Tenable found a GCP vulnerability allowing privilege escalation via malicious PyPI packages in Cloud Composer & Cloud Build.

Apr 2, 2025 9 min read

vulnerability

ImageRunner Vulnerability: Privilege Escalation in GCP Cloud Run By William OGOU

Explore the ImageRunner vulnerability: A patched GCP Cloud Run privilege escalation flaw. See how IAM permissions allowed unauthorized image access via service agents.