This paper introduces the notion of cache-tapping into the information theoretic models of coded caching. The wiretap channel II in the presence of multiple receivers equipped with fixed-size cache memories, and an adversary which selects symbols to tap into from cache placement and/or delivery is introduced. The legitimate terminals know neither whether placement, delivery, or both are tapped, nor the positions in which they are tapped. Only the size of the overall tapped set is known. For two receivers and two files, the strong secrecy capacity- the maximum achievable file rate while keeping the overall library strongly secure- is identified. Lower and upper bounds on the strong secrecy file rate are derived when the library has more than two files. Achievability relies on a code design which combines wiretap coding, security embedding codes, one-time pad keys, and coded caching. A genie-aided upper bound, in which the transmitter is provided with user demands before placement, establishes the converse for the two-files case. For more than two files, the upper bound is constructed by three successive channel transformations. Our results establish provable security guarantees against a powerful adversary which optimizes its tapping over both phases of communication in a cache-aided system.