Flaw in Google Cloud functions sparks broader security concerns
A potential privilege escalation flaw affecting Google Cloud Platform (GCP) Cloud Functions and its Cloud Build service has been identified and investigated by security researchers.
The issue, initially discovered by Tenable Research, allowed attackers to exploit the deployment process of GCP Cloud Functions to gain elevated permissions.
Google has since issued a patch to mitigate the excessive privileges previously granted to default Cloud Build service accounts.
Read more at Infosecurity Magazine