CI/CD supply chain attacks for data exfiltration or cloud account takeover The modern enterprise considers its CI/CD pipeline one of its most critical assets. However, the need to support developers in rapid tool exploration and iteration often drives devops teams to be fairly loose with repository and build controls. The…