es
Feedback
CloudSec Wine

CloudSec Wine

Ir al canal en Telegram

All about cloud security Contacts: @AMark0f @dvyakimov About DevSecOps: @sec_devops

Mostrar más
2 231
Suscriptores
+224 horas
+47 días
+830 días
Archivo de publicaciones
🏗 Encrypting Files with Passkeys and age A post explaining how to encrypt files with passkeys, using the WebAuthn prf extens
🏗 Encrypting Files with Passkeys and age A post explaining how to encrypt files with passkeys, using the WebAuthn prf extension and the TypeScript age implementation. https://words.filippo.io/passkey-encryption/ #build

🤖 Manipulating AI memory for profit: The rise of AI Recommendation Poisoning That helpful “Summarize with AI” button? It mig
🤖 Manipulating AI memory for profit: The rise of AI Recommendation Poisoning That helpful “Summarize with AI” button? It might be secretly manipulating what your AI recommends. Microsoft security researchers have discovered a growing trend of AI memory poisoning attacks used for promotional purposes, a technique they called "AI Recommendation Poisoning". https://www.microsoft.com/en-us/security/blog/2026/02/10/ai-recommendation-poisoning/ #AI

standardizing_privileged_access_architecture_for_multi_cloud_1_1.pdf2.31 MB

🔐 Standardizing Privileged Access Architecture for Multi-Cloud This white paper examines the risks and attack vectors inherent in hybrid multi-cloud infrastructures, and analyzes various attack paths observed by Mandiant in real-world multi-cloud scenarios. #iam

🤖 Threat modeling agentic AI: a scenario-driven approach A practical workflow for threat modeling agentic AI systems: use a
🤖 Threat modeling agentic AI: a scenario-driven approach A practical workflow for threat modeling agentic AI systems: use a five-zone navigation lens to trace attack paths, formalize them as attack trees, and map to OWASP's threat taxonomy and playbooks. https://christian-schneider.net/blog/threat-modeling-agentic-ai/ #AI

🤖 From Automation to Infection: How OpenClaw AI Agent Skills Are Being Weaponized The fastest-growing personal AI agent ecos
+1
🤖 From Automation to Infection: How OpenClaw AI Agent Skills Are Being Weaponized The fastest-growing personal AI agent ecosystem just became a new delivery channel for malware. Over the last few days, VirusTotal has detected hundreds of OpenClaw skills that are actively malicious. https://blog.virustotal.com/2026/02/from-automation-to-infection-how.html #AI

👀 Building Slack’s Anomaly Event Response This article introduces Slack's Anomaly Event Response (AER), an automated securit
👀 Building Slack’s Anomaly Event Response This article introduces Slack's Anomaly Event Response (AER), an automated security system that detects suspicious activities and terminates user sessions in real-time, reducing detection-to-response gaps from hours to minutes. https://slack.engineering/building-slacks-anomaly-event-response/ #monitor

🔐 Blog: A Beginners Guide: Cross-Device Passkeys Find out more about how passkeys can be used across devices using a mechani
🔐 Blog: A Beginners Guide: Cross-Device Passkeys Find out more about how passkeys can be used across devices using a mechanism called Hybrid transport. https://bughunters.google.com/blog/passkeys #iam

🔴 Google Looker RCE vulnerabilities: Patch now Tenable Research discovered two novel vulnerabilities in Google Looker that c
+1
🔴 Google Looker RCE vulnerabilities: Patch now Tenable Research discovered two novel vulnerabilities in Google Looker that could allow an attacker to completely compromise a Looker instance. https://www.tenable.com/blog/google-looker-vulnerabilities-rce-internal-access-lookout #gcp

👩‍💻 Weaponizing Whitelists: An Azure Blob Storage Mythic C2 Profile Mature enterprises lock down egress but often carve out
👩‍💻 Weaponizing Whitelists: An Azure Blob Storage Mythic C2 Profile Mature enterprises lock down egress but often carve out broad exceptions for trusted cloud services. This post shows how reviewing deployment guides can help identify those exceptions and weaponize them with a new Mythic C2 profile called azureBlob. https://specterops.io/blog/2026/01/30/weaponizing-whitelists-an-azure-blob-storage-mythic-c2-profile/ #azure

🤖 AI-Assisted Development at Block Block's AI engineering approach includes: 95% of engineers using AI assistants, providing
🤖 AI-Assisted Development at Block Block's AI engineering approach includes: 95% of engineers using AI assistants, providing freedom to explore multiple tools, launching an AI Champions program focused on repo readiness and context engineering, implementing automated PRs, and planning team-based workshops for multi-agent workflows. https://engineering.block.xyz/blog/ai-assisted-development-at-block #AI

⚙️ Stealing Salesforce OAuth Tokens using the WAF This post details a method for stealing Salesforce OAuth tokens by exploiti
⚙️ Stealing Salesforce OAuth Tokens using the WAF This post details a method for stealing Salesforce OAuth tokens by exploiting an XSS vulnerability and leveraging the Cloudflare Web Application Firewall (WAF). https://castilho.sh/salesforce-oauth-ato #saas

⚙ We should all be using dependency cooldowns Dependency cooldowns delay automatic dependency updates, providing a free and e
We should all be using dependency cooldowns Dependency cooldowns delay automatic dependency updates, providing a free and effective mitigation against most open source supply chain attacks. Tools like Dependabot and Renovate support configurable cooldown periods before adopting new dependency versions. https://blog.yossarian.net/2025/11/21/We-should-all-be-using-dependency-cooldowns #cicd

⚙️ Kube-Policies BinauthZ: Closing the Supply Chain Gap in Kubernetes Block's BinauthZ plugin extends their OPA-based admissi
⚙️ Kube-Policies BinauthZ: Closing the Supply Chain Gap in Kubernetes Block's BinauthZ plugin extends their OPA-based admission controller to cryptographically verify container image signatures and attestations at Kubernetes admission time, enforcing SLSA using Sigstore/cosign with AWS KMS. https://engineering.block.xyz/blog/kube-policies-binauthz-closing-the-supply-chain-gap-in-kubernetes #kubernetes

Kubernetes Remote Code Execution Via Nodes/Proxy GET Permission An authorization bypass in Kubernetes RBAC allows for nodes/p
Kubernetes Remote Code Execution Via Nodes/Proxy GET Permission An authorization bypass in Kubernetes RBAC allows for nodes/proxy GET permissions to execute commands in any Pod in the cluster. https://grahamhelton.com/blog/nodes-proxy-rce #kubernetes

⚙ Running Renovate as a GitHub Action (and NO PAT!) A post explaining how you can run Renovate as a GitHub Action without nee
Running Renovate as a GitHub Action (and NO PAT!) A post explaining how you can run Renovate as a GitHub Action without needing a GitHub Personal Access Token by using Octo STS. https://www.chainguard.dev/unchained/running-renovate-as-a-github-action #ci/cd

👩‍💻 A new era of agents, a new era of posture Microsoft Defender introduces AI Security Posture Management for multi-cloud
👩‍💻 A new era of agents, a new era of posture Microsoft Defender introduces AI Security Posture Management for multi-cloud environments, providing visibility and contextual risk assessment across AI agent architectures. It identifies agents connected to sensitive data, susceptible to indirect prompt injection attacks, and operating as coordinators, while offering attack path analysis and actionable hardening recommendations. https://www.microsoft.com/en-us/security/blog/2026/01/21/new-era-of-agents-new-era-of-posture/ #azure

👩‍💻 Linking Privileged Accounts to Identities in Microsoft Defender: Benefits & Use Cases Microsoft Defender for Identity n
👩‍💻 Linking Privileged Accounts to Identities in Microsoft Defender: Benefits & Use Cases Microsoft Defender for Identity now allows linking multiple accounts to a single identity, by correlating accounts from different identity providers or linking distinct user accounts, crucial for incident response and remediation. https://www.cloud-architekt.net/linking-privileged-accounts-in-defender/ #azure

🔶 CodeBreach: Infiltrating the AWS Console Supply Chain and Hijacking AWS GitHub Repositories via CodeBuild Wiz Research dis
🔶 CodeBreach: Infiltrating the AWS Console Supply Chain and Hijacking AWS GitHub Repositories via CodeBuild Wiz Research discovered a critical supply chain vulnerability that abused a CodeBuild misconfiguration to take over key AWS GitHub repositories, including the JavaScript SDK powering the AWS Console. https://www.wiz.io/blog/wiz-research-codebreach-vulnerability-aws-codebuild #aws

⚙️ Kubernetes v1.35: A Better Way to Pass Service Account Tokens to CSI Drivers Kubernetes 1.35 introduces beta support for C
⚙️ Kubernetes v1.35: A Better Way to Pass Service Account Tokens to CSI Drivers Kubernetes 1.35 introduces beta support for CSI drivers to receive service account tokens via the "secrets" field instead of "volume_context", preventing accidental token logging. https://kubernetes.io/blog/2026/01/07/kubernetes-v1-35-csi-sa-tokens-secrets-field-beta/ #kubernetes