2026-06-01, Room 1
When examining the security of large-scale cloud environments, one critical component is always present yet often overlooked: the Container Registry. As a key component of modern CI/CD pipelines, these registries serve as a single source of truth for production, staging, and development across customer environments. While this centralization is convenient for DevOps teams, it also creates the ultimate pivot point for attackers.
In this talk, we will unveil a novel technique that allowed us to escalate from a completely unprivileged state to full control over the build pipeline. In multiple engagements across major cloud and SaaS providers, we were able to abuse centralized container registries and poison cloud images with our own custom code.
Unlike traditional supply-chain attacks, this unique method enables lateral movement between otherwise isolated environments. Threat actors can pivot from customer environments to production, staging, and even to developers’ personal machines – all pulling from the same compromised source.
We will illustrate our techniques through real-world case studies, including Alibaba Cloud, IBM Cloud, SAP, Hugging Face, and Azure. Attendees will see firsthand how we gained control over container and artifact registries, ultimately exposing internal artifacts and customer data.
Join us to explore container registries as a powerful attack vector and learn practical strategies to secure your infrastructure against similar threats.
Hillai Ben-Sasson (@hillai) is a Security Researcher based in Israel. As part of the Wiz Research Team, Hillai specializes in research and exploitation of web applications, application security, and finding vulnerabilities in complex high-level systems. Hillai is a frequent speaker at security conferences and has been recognized in MSRC's Most Valuable Researchers leaderboard.