Sub:jugation - Hijacking Cloud Identities by Recycling Namespaces in Global OIDC Issuers

Tal

fwd:cloudsec North America 2026 · Day 1

In a presentation at fwd:cloudsec, Tal Verer, Head of Research at Asec Security, introduced "Sub:jugation," a novel class of vulnerability affecting nearly all major CI/CD providers. What initially looked like a straightforward issue, the ability to reclaim a deleted namespace, turned out to be a critical security concern once analysed from an attacker's perspective. The talk detailed how a fundamental design flaw in modern CI/CD authentication, the interplay of global OIDC issuers and reclaimable namespaces, yields "phantom cloud identities" that are ripe for exploitation.

AI review

Solid original research that identifies a real, underappreciated design flaw in how CI/CD platforms violate RFC 7519's sub claim reassignment prohibition — and backs it with actual measurement data across hundreds of thousands of live cloud identities. The vendor fixes shipping at talk time confirm this is the real deal, not a thought experiment.