{"id":52827,"date":"2023-07-18T23:02:00","date_gmt":"2023-07-18T23:02:00","guid":{"rendered":"https:\/\/www.darkreading.com\/application-security\/design-flaw-in-google-cloud-build-enables-privilege-escalation-code-tampering"},"modified":"2023-07-18T23:02:00","modified_gmt":"2023-07-18T23:02:00","slug":"google-cloud-build-flaw-enables-privilege-escalation-code-tampering","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/","title":{"rendered":"Google Cloud Build Flaw Enables Privilege Escalation, Code Tampering"},"content":{"rendered":"
<\/div>\n

A newly discovered vulnerability in Google Cloud Build enables attackers to tamper with and inject malware into images stored in Artifact Registry, Google’s repository for hosting software artifacts such as packages and container images.<\/p>\n

Any applications then making use of those compromised container images risk malware infections, denial-of-service attacks, data theft, and other negative impacts.<\/p>\n

The Bad.Build Issue<\/h2>\n

Researchers at Orca Security recently discovered the flaw, which they dubbed Bad.Build, when analyzing an application programming interface (API) call request associated with a Google cloud platform resource. They reported the issue to Google, which investigated the problem and issued a fix for it in June.<\/p>\n

However, Orca, in a report this week<\/a>, described the fix as insufficient and only partially addressing the vulnerability.<\/p>\n

“The flaw presents a significant supply chain risk since it allows attackers to maliciously tamper with application images, which can then infect users and customers when they install the application,” Orca cloud threat researcher Roi Nisimi said. “As we have seen with the SolarWinds and recent 3CX<\/a> and MOVEit<\/a> supply chain attacks, this can have far reaching consequences.”<\/p>\n

According to Orca, the Bad.Build flaw really is a design issue and has to do with the default permissions associated with the Google Cloud Build service. The excessive permissions associated with the service give adversaries a relatively easy way to access audit logs that contain a complete list of permissions associated with all GCP accounts in a Google Cloud Build “Project.”<\/p>\n

“What makes this information so lucrative is that it greatly facilitates lateral movement and privilege escalation in the environment,” Nisimi said. “Knowing which GCP account can perform which action is equal to solving a great piece of the puzzle on how to launch an attack.”<\/p>\n

Orca’s researchers discovered that by using a GCP account with the permission to create a new build (cloudbuild.builds.create), they could relatively easily impersonate the Cloud Build Service account and view all Project permissions. “An attacker would need to have access to the cloudbuild.builds.create permission, which could either be obtained through insider access or by an outsider that has gained unauthorized access to a user with this permission,” says Nisimi, in comments to Dark Reading.<\/p>\n

Simple to Exploit<\/h2>\n

“They would need to execute just three lines of code to build a public Gcloud image on the Cloud Build servers and run the commands as shown in our proof of concept<\/a> to escalate the user’s privileges and execute any action that the Cloud Build Service Account is allowed to perform,” he says.<\/p>\n

Google’s fix for Bad.Build removes the logging permission from the default Google Cloud Build service role, which means that particular service no longer has access to the audit logs which list the entire Project’s permissions each time there’s a change, Nisimi notes.<\/p>\n

However, there is a whole list of other roles with the cloudbuild.builds.create permission that can do the same thing. Any user with the cloudbuild.builds.create permission can escalate privileges and execute a wide range of actions \u2014 including manipulating images and injecting malicious code into them \u2014 unless organizations specifically revoke the default permissions of the Google Cloud Build service, he says.<\/p>\n

A Google spokeswoman had little to say about the flaw or the claims of a partial fix. “We appreciate the work of the researchers and have incorporated a fix based on their report as outlined in a security bulletin<\/a> issued in early June,” she said.<\/p>\n

Limiting Privileges<\/h2>\n

When users enable the Cloud Build API in a project, Cloud Build automatically creates a default service account<\/a> to execute builds on the user’s behalf, according to Google’s advisory on the vulnerability. This Cloud Build service account previously allowed the build to have access to private logs by default, but as the June 8 security bulletin noted, “This permission has now been revoked from the Cloud Build service account to adhere to the security principle of least privilege<\/a>.”<\/p>\n

According to Nisimi, Google’s stance appears to be that the issue is the default permissions that organizations choose to enable for Cloud Build. He says, “Google recognizes that there is a supply-chain attack risk as described, but that it revolves around the choice of default permissions supporting the most common development workflows.”<\/p>\n

Google’s stance is that customers are responsible for further locking down access for more advanced scenarios. “Therefore the supply chain risk is persistent, and organizations must limit the cloudbuild.builds.create permission as much as possible to reduce the risk of a supply chain attack,” Nisimi says.<\/p>\n

Read More HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Google’s fix to the Bad.Build flaw only partially addresses the issue, say security researchers who discovered it.Read More HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-52827","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"\nGoogle Cloud Build Flaw Enables Privilege Escalation, Code Tampering 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Google Cloud Build Flaw Enables Privilege Escalation, Code Tampering 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-07-18T23:02:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt7cd4c5245859d25b\/64b6fff56468647a69a48c8e\/googlecloud_Laylistique_shutterstock.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Google Cloud Build Flaw Enables Privilege Escalation, Code Tampering\",\"datePublished\":\"2023-07-18T23:02:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/\"},\"wordCount\":774,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt7cd4c5245859d25b\/64b6fff56468647a69a48c8e\/googlecloud_Laylistique_shutterstock.jpg\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/\",\"name\":\"Google Cloud Build Flaw Enables Privilege Escalation, Code Tampering 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt7cd4c5245859d25b\/64b6fff56468647a69a48c8e\/googlecloud_Laylistique_shutterstock.jpg\",\"datePublished\":\"2023-07-18T23:02:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/#primaryimage\",\"url\":\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt7cd4c5245859d25b\/64b6fff56468647a69a48c8e\/googlecloud_Laylistique_shutterstock.jpg\",\"contentUrl\":\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt7cd4c5245859d25b\/64b6fff56468647a69a48c8e\/googlecloud_Laylistique_shutterstock.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.threatshub.org\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Google Cloud Build Flaw Enables Privilege Escalation, Code Tampering\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Google Cloud Build Flaw Enables Privilege Escalation, Code Tampering 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/","og_locale":"en_US","og_type":"article","og_title":"Google Cloud Build Flaw Enables Privilege Escalation, Code Tampering 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-07-18T23:02:00+00:00","og_image":[{"url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt7cd4c5245859d25b\/64b6fff56468647a69a48c8e\/googlecloud_Laylistique_shutterstock.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Google Cloud Build Flaw Enables Privilege Escalation, Code Tampering","datePublished":"2023-07-18T23:02:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/"},"wordCount":774,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt7cd4c5245859d25b\/64b6fff56468647a69a48c8e\/googlecloud_Laylistique_shutterstock.jpg","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/","url":"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/","name":"Google Cloud Build Flaw Enables Privilege Escalation, Code Tampering 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt7cd4c5245859d25b\/64b6fff56468647a69a48c8e\/googlecloud_Laylistique_shutterstock.jpg","datePublished":"2023-07-18T23:02:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/#primaryimage","url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt7cd4c5245859d25b\/64b6fff56468647a69a48c8e\/googlecloud_Laylistique_shutterstock.jpg","contentUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt7cd4c5245859d25b\/64b6fff56468647a69a48c8e\/googlecloud_Laylistique_shutterstock.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/google-cloud-build-flaw-enables-privilege-escalation-code-tampering\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Google Cloud Build Flaw Enables Privilege Escalation, Code Tampering"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52827","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=52827"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52827\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=52827"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=52827"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=52827"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}