Published in System Weakness

Supply Chain Compromise: How a Single pip install Silently Owns Your Entire CI/CD Environment
In March 2026, the LiteLLM project was hit by a supply chain attack. The attackers bypassed the official release process entirely, pushing…
May 4

Rancher Default Roles — The Hidden Path to Cluster Takeover
Rancher has established itself as one of the most popular platforms for managing Kubernetes clusters at scale. Organisations deploy it to…
Feb 28

Exploiting Organisation Wildcards in OIDC Trust Policies
When organisations adopt OIDC federation between GitHub Actions and AWS, they often believe that scoping their trust policy to a specific…
Feb 16

Exploiting Branch Wildcards in OIDC Trust Policies
In red team engagements targeting cloud-native environments, insider threats often present the most realistic attack scenarios. Whilst…
Feb 10

Exploiting Fork and pull_request_target to Compromise AWS
In red team engagements targeting cloud-native environments, one of the most effective attack paths involves exploiting misconfigurations…
Feb 8

ArgoCD’s Hidden Dex Problem: When SSO Becomes a Security Liability
During security reviews of GitOps deployments, we often encounter ArgoCD installations where the Dex server — a component used for Single…
Jan 22

Rancher Meets EKS: How Imported Clusters Expose Your AWS Credentials
During security reviews of Rancher deployments — including managed Rancher offerings and bare-metal installations — we often assess how…
Jan 2

Rancher’s Hidden cluster-admin Problem
During security reviews of Rancher deployments — including managed Rancher offerings by third-party cloud providers — we often encounter…
Jan 1

Kubernetes Security Challenge — CVE-2021–43815
I’ve recently recreated the CVE-2021–43815 vulnerability in a Kubernetes environment using a Kind cluster. This setup is now available on…
Aug 15, 2025

Auditing Role-Based Access Control (RBAC) in the Kubernetes Ecosystem
Role Based Access Control Theory
Mar 8, 2025