Threat Intelligence Report

Dataflow Rider: How Attackers can Abuse Shadow Resources in Google Cloud Dataflow

📅 February 13, 2026 📰 www.varonis.com 🔍 0 CVE(s) referenced

Attackers with basic write access to Google Cloud Storage buckets can silently hijack Dataflow pipelines by modifying unvalidated configuration files or user-defined functions, enabling data theft, code execution, and privilege escalation—risks that persist unless bucket access is tightly controlled.

vendor

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle