Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks – [email protected] (The Hacker News)

– [[{“value”:”Cybersecurity researchers have disclosed two new attack techniques against infrastructure-as-code (IaC) and policy-as-code (PaC) tools like HashiCorp’s Terraform and Open Policy Agent (OPA) that leverage dedicated, domain-specific languages (DSLs) to breach cloud platforms and exfiltrate data.
“Since these are hardened languages with limited capabilities, they’re supposed to be more secure than”}]]  – Read More  – The Hacker News