Razz Security Blog

Just another cybersecurity blog

Tag: CI / CD pipeline security

  • Exploiting CI / CD Pipelines for fun and profit

    In today’s world of fast-paced development and continuous integration, security vulnerabilities can be easy to overlook. Recently, I discovered a severe exploit chain, starting from a publicly exposed .git directory, which led to a full server takeover. This blog will walk through the chain of events, outlining how each weak point compounded the issue.