Cybersecurity

Exploiting CI/CD Pipelines for Fun and Profit

On September 8, 2024, a significant exploit chain was discovered, starting from a publicly exposed . git directory, leading to a full server takeover. The vulnerabilities stem from websites exposing their . git folders.