diff --git a/nx-dev/ui-enterprise/src/lib/security/failing-compliance.tsx b/nx-dev/ui-enterprise/src/lib/security/failing-compliance.tsx
index 95e3ae93f3..80a3d1350b 100644
--- a/nx-dev/ui-enterprise/src/lib/security/failing-compliance.tsx
+++ b/nx-dev/ui-enterprise/src/lib/security/failing-compliance.tsx
@@ -42,31 +42,23 @@ export function FailingCompliance(): ReactElement {
- These community-built cache solutions all too often miss essential
- safeguards—no integrity validation, no fine-grained access
- controls, and no real-time token revocation:
+ Community-built cache solutions reading and writing directly from
+ the file storage are vulnerable to the Cache Poisoning by
+ Construction attack resulting in any contributor with pull request
+ privileges being able to potentially inject compromised artifacts
+ into production environments without detection.{' '}
+
+ This vulnerability completely circumvents conventional security
+ protections like encryption, access control and key management
+
+ .
-
-
nx-remotecache-azure
-
turborepo-remote-cache
-
nx-cache-server
-
turborepo-remote-cache-cloudflare
-
and others like them
-
- Our{' '}
-
- official Nx self-hosted plugin
- {' '}
- adds enhanced security but follows a similar architecture to the
- packages above. It is unable to make guarantees about how cache
- artifacts are secured or accessed and cannot meet the security
- demands of regulated industries.
+ Even our official Nx self-hosted plugins adds enhanced security
+ but follows a similar architecture. They are unable to make
+ guarantees about how cache artifacts are secured or accessed and
+ cannot meet the security demands of regulated industries.
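Review bot: The last added sentence has a number mismatch: `plugins adds ... but follows` is followed by `They are`, so it should read `Even our official Nx self-hosted plugins add enhanced security but follow a similar architecture.` Separately, the first added paragraph says without qualification that any contributor with pull request privileges can inject compromised artifacts, and that this `completely circumvents` encryption, access control and key management. As far as the hunk shows, the copy never states the precondition, presumably that pull-request pipelines can write to the same storage that trusted builds read from; readers assessing their own setup need that. If the markup around `This vulnerability ...` is not already a link to the advisory, it should be one. The body of FailingCompliance starts and ends outside this hunk.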