uk
Feedback
CloudSec Wine

CloudSec Wine

Відкрити в Telegram

All about cloud security Contacts: @AMark0f @dvyakimov About DevSecOps: @sec_devops

Показати більше
2 237
Підписники
+224 години
-27 днів
+1030 день
Архів дописів
🤖 How "Clinejection" Turned an AI Bot into a Supply Chain Attack A prompt injection in a GitHub issue title gave attackers c
🤖 How "Clinejection" Turned an AI Bot into a Supply Chain Attack A prompt injection in a GitHub issue title gave attackers code execution inside Cline's CI/CD pipeline, leading to cache poisoning, stolen npm credentials, and an unauthorized package publish affecting the popular AI coding tool's 5 million users. Here's the full technical breakdown and what developers should do now. https://snyk.io/blog/cline-supply-chain-attack-prompt-injection-github-actions/ (Use VPN to open from Russia) #AI

🤖 Using threat modeling and prompt injection to audit Comet Trail of Bits used ML-centered threat modeling and adversarial t
🤖 Using threat modeling and prompt injection to audit Comet Trail of Bits used ML-centered threat modeling and adversarial testing to identify four prompt injection techniques that could exploit Perplexity's Comet browser AI assistant to exfiltrate private Gmail data. The audit demonstrated how fake security mechanisms, system instructions, and user requests could manipulate the AI agent into accessing and transmitting sensitive user information. https://blog.trailofbits.com/2026/02/20/using-threat-modeling-and-prompt-injection-to-audit-comet/ #AI

🔴 Google API Keys Weren't Secrets. But then Gemini Changed the Rules Enabling the Gemini API on a GCP project silently grant
🔴 Google API Keys Weren't Secrets. But then Gemini Changed the Rules Enabling the Gemini API on a GCP project silently grants existing public AIza... keys (e.g., Maps/Firebase) access to sensitive Gemini endpoints. Truffle Security found 2,863 such exposed keys via Common Crawl, enabling data access, billing abuse, and quota exhaustion, including against Google's own infrastructure. https://trufflesecurity.com/blog/google-api-keys-werent-secrets-but-then-gemini-changed-the-rules #gcp

🔶 AWS Incident Response: IAM Containment That Survives Eventual Consistency Standard AWS IR containment fails against attack
🔶 AWS Incident Response: IAM Containment That Survives Eventual Consistency Standard AWS IR containment fails against attackers exploiting IAM eventual consistency. This article presents an SCP-enforced technique that makes identity-level containment attacker-resistant. https://www.offensai.com/blog/eventual-consistency-resistant-iam-containment-aws-incident-response (Use VPN to open from Russia) #aws

🤖 caterpillar Caterpillar is a security scanning library for AI agent skill files (e.g., Claude Code skills) for dangerous o
🤖 caterpillar Caterpillar is a security scanning library for AI agent skill files (e.g., Claude Code skills) for dangerous or malicious behavior. https://github.com/alice-dot-io/caterpillar #AI

🤖 MCP Server Security: The Hidden AI Attack Surface MCP servers connecting AI assistants to external tools create significan
🤖 MCP Server Security: The Hidden AI Attack Surface MCP servers connecting AI assistants to external tools create significant attack surfaces enabling arbitrary code execution, data exfiltration, and social engineering. Both local and remote MCP servers can be exploited through server chaining, supply chain attacks, and malicious tool implementations. https://www.praetorian.com/blog/mcp-server-security-the-hidden-ai-attack-surface/ #AI

🔶🤖 Building an AI-powered defense-in-depth security architecture for serverless microservices This AWS blog demonstrates im
🔶🤖 Building an AI-powered defense-in-depth security architecture for serverless microservices This AWS blog demonstrates implementing a seven-layer AI-powered defense-in-depth security architecture for serverless microservices using AWS Shield, WAF, Cognito, API Gateway, VPC, Lambda, Secrets Manager, and DynamoDB, enhanced with GuardDuty and Amazon Bedrock for intelligent threat detection and automated response. https://aws.amazon.com/ru/blogs/security/building-an-ai-powered-defense-in-depth-security-architecture-for-serverless-microservices/ (Use VPN to open from Russia) #aws #AI

🤖 3 Principles for Designing Agent Skills Block Engineering discusses designing agent skills using three principles: make de
🤖 3 Principles for Designing Agent Skills Block Engineering discusses designing agent skills using three principles: make deterministic outputs script-based, let agents handle interpretation and conversation, and write explicit constitutional constraints. Skills codify tribal knowledge into executable documentation for AI agents across their organization. https://engineering.block.xyz/blog/3-principles-for-designing-agent-skills #AI

🤖 augustus LLM security testing framework for detecting prompt injection, jailbreaks, and adversarial attacks. See also the
🤖 augustus LLM security testing framework for detecting prompt injection, jailbreaks, and adversarial attacks. See also the companion blog post. https://github.com/praetorian-inc/ #AI

🏗 Encrypting Files with Passkeys and age A post explaining how to encrypt files with passkeys, using the WebAuthn prf extens
🏗 Encrypting Files with Passkeys and age A post explaining how to encrypt files with passkeys, using the WebAuthn prf extension and the TypeScript age implementation. https://words.filippo.io/passkey-encryption/ #build

🤖 Manipulating AI memory for profit: The rise of AI Recommendation Poisoning That helpful “Summarize with AI” button? It mig
🤖 Manipulating AI memory for profit: The rise of AI Recommendation Poisoning That helpful “Summarize with AI” button? It might be secretly manipulating what your AI recommends. Microsoft security researchers have discovered a growing trend of AI memory poisoning attacks used for promotional purposes, a technique they called "AI Recommendation Poisoning". https://www.microsoft.com/en-us/security/blog/2026/02/10/ai-recommendation-poisoning/ #AI

standardizing_privileged_access_architecture_for_multi_cloud_1_1.pdf2.31 MB

🔐 Standardizing Privileged Access Architecture for Multi-Cloud This white paper examines the risks and attack vectors inherent in hybrid multi-cloud infrastructures, and analyzes various attack paths observed by Mandiant in real-world multi-cloud scenarios. #iam

🤖 Threat modeling agentic AI: a scenario-driven approach A practical workflow for threat modeling agentic AI systems: use a
🤖 Threat modeling agentic AI: a scenario-driven approach A practical workflow for threat modeling agentic AI systems: use a five-zone navigation lens to trace attack paths, formalize them as attack trees, and map to OWASP's threat taxonomy and playbooks. https://christian-schneider.net/blog/threat-modeling-agentic-ai/ #AI

🤖 From Automation to Infection: How OpenClaw AI Agent Skills Are Being Weaponized The fastest-growing personal AI agent ecos
+1
🤖 From Automation to Infection: How OpenClaw AI Agent Skills Are Being Weaponized The fastest-growing personal AI agent ecosystem just became a new delivery channel for malware. Over the last few days, VirusTotal has detected hundreds of OpenClaw skills that are actively malicious. https://blog.virustotal.com/2026/02/from-automation-to-infection-how.html #AI

👀 Building Slack’s Anomaly Event Response This article introduces Slack's Anomaly Event Response (AER), an automated securit
👀 Building Slack’s Anomaly Event Response This article introduces Slack's Anomaly Event Response (AER), an automated security system that detects suspicious activities and terminates user sessions in real-time, reducing detection-to-response gaps from hours to minutes. https://slack.engineering/building-slacks-anomaly-event-response/ #monitor

🔐 Blog: A Beginners Guide: Cross-Device Passkeys Find out more about how passkeys can be used across devices using a mechani
🔐 Blog: A Beginners Guide: Cross-Device Passkeys Find out more about how passkeys can be used across devices using a mechanism called Hybrid transport. https://bughunters.google.com/blog/passkeys #iam

🔴 Google Looker RCE vulnerabilities: Patch now Tenable Research discovered two novel vulnerabilities in Google Looker that c
+1
🔴 Google Looker RCE vulnerabilities: Patch now Tenable Research discovered two novel vulnerabilities in Google Looker that could allow an attacker to completely compromise a Looker instance. https://www.tenable.com/blog/google-looker-vulnerabilities-rce-internal-access-lookout #gcp

👩‍💻 Weaponizing Whitelists: An Azure Blob Storage Mythic C2 Profile Mature enterprises lock down egress but often carve out
👩‍💻 Weaponizing Whitelists: An Azure Blob Storage Mythic C2 Profile Mature enterprises lock down egress but often carve out broad exceptions for trusted cloud services. This post shows how reviewing deployment guides can help identify those exceptions and weaponize them with a new Mythic C2 profile called azureBlob. https://specterops.io/blog/2026/01/30/weaponizing-whitelists-an-azure-blob-storage-mythic-c2-profile/ #azure

🤖 AI-Assisted Development at Block Block's AI engineering approach includes: 95% of engineers using AI assistants, providing
🤖 AI-Assisted Development at Block Block's AI engineering approach includes: 95% of engineers using AI assistants, providing freedom to explore multiple tools, launching an AI Champions program focused on repo readiness and context engineering, implementing automated PRs, and planning team-based workshops for multi-agent workflows. https://engineering.block.xyz/blog/ai-assisted-development-at-block #AI