BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//fwd-cloudsec-2026//talk//QHEZGN
BEGIN:VTIMEZONE
TZID:PST
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T100000Z
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
END:STANDARD
BEGIN:STANDARD
DTSTART:20071104T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000402T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T110000Z
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20070311T030000
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-fwd-cloudsec-2026-QHEZGN@pretalx.com
DTSTART;TZID=PST:20260601T092000
DTEND;TZID=PST:20260601T094000
DESCRIPTION:When examining the security of large-scale cloud environments\,
  one critical component is always present yet often overlooked: the Contai
 ner Registry. As a key component of modern CI/CD pipelines\, these registr
 ies serve as a single source of truth for production\, staging\, and devel
 opment across customer environments. While this centralization is convenie
 nt for DevOps teams\, it also creates the ultimate pivot point for attacke
 rs. \n \nIn this talk\, we will unveil a novel technique that allowed us t
 o escalate from a completely unprivileged state to full control over the b
 uild pipeline. In multiple engagements across major cloud and SaaS provide
 rs\, we were able to abuse centralized container registries and poison clo
 ud images with our own custom code. \n \nUnlike traditional supply-chain a
 ttacks\, this unique method enables lateral movement between otherwise iso
 lated environments. Threat actors can pivot from customer environments to 
 production\, staging\, and even to developers’ personal machines – all
  pulling from the same compromised source.   \n \nWe will illustrate our t
 echniques through real-world case studies\, including Alibaba Cloud\, IBM 
 Cloud\, SAP\, Hugging Face\, and Azure. Attendees will see firsthand how w
 e gained control over container and artifact registries\, ultimately expos
 ing internal artifacts and customer data. \n \nJoin us to explore containe
 r registries as a powerful attack vector and learn practical strategies to
  secure your infrastructure against similar threats.
DTSTAMP:20260502T124035Z
LOCATION:Room 1
SUMMARY:Push-Pull-Pwn: Hacking the Cloud through Container Registry Poisoni
 ng - Hillai Ben-Sasson\, Nir Ohfeld
URL:https://pretalx.com/fwd-cloudsec-2026/talk/QHEZGN/
END:VEVENT
END:VCALENDAR