Comment by kkapelon
2 years ago
Sorry, I am not trying to sell anything. I am not OP or parent poster.
If you want to hear about stories of privilege escalation, they should be easy to find. I also have some of my own, which I might describe in another post, but essentially it was the classic - a CI/CD pipeline that "thinks" it has access only to QA does a "destroy all servers" in both QA and Production because it also had access to production without knowing anything about it.
Famous HN (reddit) post: https://news.ycombinator.com/item?id=14476421
"Accidentally destroyed production database on first day of a job"
I also like the "integration tests reaching production" one as well: https://news.ycombinator.com/item?id=27546017