• Open

    PLEASE_READ_ME: The Opportunistic Ransomware Devastating MySQL Servers
    Guardicore Labs uncovers a Ransomware detection campaign targeting MySQL servers. Attackers use Double Extortion and publish data to pressure victims.
    The Nansh0u Campaign – Hackers Arsenal Grows Stronger
    In the beginning of April, three attacks detected in the Guardicore Global Sensor Network (GGSN) caught our attention. All three had source IP addresses originating in South-Africa and hosted by VolumeDrive ISP (see IoCs).
    The Oracle of Delphi Will Steal Your Credentials
    Our deception technology is able to reroute attackers into honeypots, where they believe that they found their real target. The attacks brute forced passwords for RDP credentials to connect to the victim download and execute a previously undetected malware, which we named Trojan.sysscan.
    Threats Making WAVs - Incident Response to a Cryptomining Attack
    Guardicore security researchers describe and uncover a full analysis of a cryptomining attack, which hid a cryptominer inside WAV files. The report includes the full attack vectors, from detection, infection, network propagation and malware analysis and recommendations for optimizing incident response processes in data centers.
    Keep Your Tech Flame Alive: Trailblazer Rachel Bayley
    In this Akamai FLAME Trailblazer blog post, Rachel Bayley encourages women to step into the unknown and to be their authentic selves.
  • Open

    Unpacking the AsyncAPI npm supply chain compromise and import-time payload delivery
    Threat actors compromised AsyncAPI packages and weaponized trusted CI/CD workflows to distribute malware through npm. This analysis breaks down the attack chain, payload delivery, and recommended defenses. The post Unpacking the AsyncAPI npm supply chain compromise and import-time payload delivery appeared first on Microsoft Security Blog.

  • Open

    OFAC Sanctions Iran Central Bank Crypto Wallets, Freezing $131M in Stablecoins
    The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Tuesday updated its Central Bank of Iran designation to… The post OFAC Sanctions Iran Central Bank Crypto Wallets, Freezing $131M in Stablecoins appeared first on Chainalysis.
  • Open

    Weekly Threat Bulletin – July 15th, 2026
    These are the top threats you should know about this week.
  • Open

    Turning threat intelligence into decisive action with Defender Experts
    Security teams have never had more visibility, yet rarely have they felt more uncertain. Signal pours in from endpoints, identities, cloud workloads, and a sprawling mix of third-party tools. The post Turning threat intelligence into decisive action with Defender Experts appeared first on Microsoft Security Blog.
  • Open

    Podcast: We Are Living in a ‘ChatGPT Flyer Pandemic’
    ChatGPT flyers are everywhere; how Waymo drove some kids to the cops; and a $3,000 suit that electrocutes your muscles.
    Hack Reveals Suno AI Music Generator Scraped YouTube, Deezer, and Genius
    Hacked source code reveals how Suno scraped decades worth of music and podcasts from the internet to train its AI tool.
  • Open

    Smash and Grab at Scale: Agentic AI Is Reshaping the Threat to Commerce
    The SOTI Security report examines how agentic AI is disrupting commerce security, scaling API abuse, and driving up infrastructure costs.
    A New Definition of Hyperscale
    No content preview
    Post-Quantum Cryptography: What’s Next for Edge Security
    No content preview
  • Open

    Infosec News Nuggets — July 15, 2026
    Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days Microsoft’s July update round shattered its own record with fixes for 570 flaws, nearly triple June’s total, a jump the company attributes to AI-assisted vulnerability discovery across the Windows codebase. Three zero-days made the cut: an Active Directory Federation Services elevation-of-privilege bug and a […] The post Infosec News Nuggets — July 15, 2026 appeared first on AboutDFIR - The Definitive Compendium Project.
  • Open

    ICYMI: June 2026 @AWS Security
    Read all about the latest AWS security features, compliance updates, and hands-on resources in our new, monthly digest posts. You’ll find expert blog posts, new service capabilities, code samples, and workshops. AWS Security Blog posts This month’s AWS Security Blog posts covered identity and access management, threat intelligence, network security, AI-powered security tooling, and multi-account […]

  • Open

    Security Hub adds AI workload protection and multicloud support for Microsoft Azure
    Security Hub is our foundation for full-stack enterprise security across clouds. It centralizes your security operations and turns raw signals into prioritized insights, so your team spends its time managing real risk instead of stitching tools together. Today that foundation grows in two directions our customers asked for most. We are adding purpose-built protection for […]
    Authenticate legitimate AI agent traffic with AWS WAF Bot Control
    As AI agents and automated tools increasingly access web applications, distinguishing legitimate bot traffic from malicious attempts has become a critical security challenge. Traditional approaches such as IP-based filtering and reverse DNS lookups fail in multi-tenant systems (such as Amazon Bedrock AgentCore) where thousands of distinct workloads share the same IP space. Attackers can easily […]
  • Open

    Langflow Exploited to Build Custom DDoS Gafgyt Botnets
    No content preview
    Boardroom Conversations Shift to Surviving a Breach
    No content preview
  • Open

    Canada’s Electronic Spy Agency Conducted Cyberattacks on Criminals Brokering Fentanyl Ingredients, Report Says
    Research fellow Bill Robinson speaks with The Globe and Mail about CSE spending. The post Canada’s Electronic Spy Agency Conducted Cyberattacks on Criminals Brokering Fentanyl Ingredients, Report Says appeared first on The Citizen Lab.
  • Open

    Adversarial Tales
    A competitive open-weight model, Claude Fable, and Jade Puffer
  • Open

    “Stern,” Likely Most Prolific Ransomware Operator Ever, Sanctioned by EU as Action Targets Billions in Ransomware Damage
    Summary The United States, United Kingdom, and European Union announced sanctions targeting nation-state hackers, cybercriminals, and their enablers in one… The post “Stern,” Likely Most Prolific Ransomware Operator Ever, Sanctioned by EU as Action Targets Billions in Ransomware Damage appeared first on Chainalysis.
    Chainalysis Supports Stable with Automatic Token Support
    Chainalysis is excited to announce support for Stable, a Layer 1 blockchain optimized for stablecoin payments and aligned with the… The post Chainalysis Supports Stable with Automatic Token Support appeared first on Chainalysis.
  • Open

    Is the Best Game of the Year a Failure? (With Rob Zacny)
    Remap Radio’s Rob Zacny and Emanuel dive deep into their current favorite game, Marathon, and what its middling success says about the future of games.
    AI Made Cloning Games Easier Than Ever
    Vibecoding has made it possible to create a cheap rip off of a video game in just a few hours.
  • Open

    Introducing snowpick: Testing ServiceNow for Public Data Exposure
    ServiceNow portals can expose backend records through public widgets and API endpoints even when the visible portal looks locked down. Bishop Fox built snowpick to test both surfaces systematically, and across 166 authorized assessments, nearly a third of instances returned data they shouldn't have.
  • Open

    Infosec News Nuggets — July 14, 2026
    iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days CISA added two maximum-severity flaws affecting the iCagenda and Balbooa Forms extensions for Joomla to its Known Exploited Vulnerabilities catalog after reports of zero-day exploitation in the wild. Both bugs, rated 10.0 on the CVSS scale, allow unauthenticated attackers to upload arbitrary files through form […] The post Infosec News Nuggets — July 14, 2026 appeared first on AboutDFIR - The Definitive Compendium Project.

  • Open

    Defending SaaS-based applications against ShinyHunters OAuth abuse
    Microsoft Threat Intelligence identified threat actor activity with overlapping tradecraft commonly associated with ShinyHunters, including voice phishing (vishing), supply-chain compromise, and misconfigured guest access targeting SaaS-based applications. The post Defending SaaS-based applications against ShinyHunters OAuth abuse appeared first on Microsoft Security Blog.
    Microsoft Entra ID security updates: Passkeys are the default authentication method in Entra ID
    Microsoft Entra ID makes passkeys the default sign-in experience and introduces a new model for SMS and voice authentication. Read about how to prepare. The post Microsoft Entra ID security updates: Passkeys are the default authentication method in Entra ID appeared first on Microsoft Security Blog.
  • Open

    Podcast: Liberation, Eroticism, and Sex in Public (with Angela Jones)
    This week we’re joined by Dr. Angela Jones, who asks these questions and much more in their new book, Sex in Public.
    LAPD Regularly Pulled Over Innocent People Because License Plate Readers Flagged Their Cars As Stolen
    The Los Angeles Police Department let its Flock contract expire over the weekend in part because it was regularly "investigating" and surveilling innocent people.
    I Bought the $3,000 Fitness Suit That Electrocutes You. I’m Sending It Back
    Celebrities like George Clooney have praised the expensive Katalyst suit. For me, it derailed my other exercises and made me reassess my obsession with fitness and efficiency.
    These Are the Worst ChatGPT Flyers You've Sent Us
    Welcome to the AI-generated poster hall of shame.
  • Open

    MQL for Email APT Hunting | Bryan Campbell
    No content preview
  • Open

    Courtroom-Ready Analytics: How Chainalysis Met the Daubert Standard
    Blockchain tracing tools like Chainalysis Reactor help investigators untangle the financial networks behind illicit activity: fraud, theft, sanctions evasion, cybercrime,… The post Courtroom-Ready Analytics: How Chainalysis Met the Daubert Standard appeared first on Chainalysis.
  • Open

    New compliance guidance available: HITRUST i1 on AWS
    We are pleased to announce the publication of a new AWS compliance implementation guidance: HITRUST i1 Compliance on AWS: Customer Implementation Guidance with an Illustrative Healthcare Platform. Healthcare organizations seeking HITRUST i1 certification increasingly rely on Amazon Web Services (AWS) as their cloud foundation. The HITRUST i1 assessment covers 182 curated controls at the Implemented […]
  • Open

    Infosec News Nuggets — July 13, 2026
    Hackers Exploit Critical Auth Bypass in Gitea Docker Image: Attackers are actively abusing a critical flaw in the official Docker image for the self-hosted Git service Gitea, tracked as CVE-2026-20896, which ships with reverse-proxy authentication trusting an identity header from any source IP. That misconfiguration lets an unauthenticated internet client claim to be any user, […] The post Infosec News Nuggets — July 13, 2026 appeared first on AboutDFIR - The Definitive Compendium Project.
    Infosec News Nuggets — July 13, 2026
    Hackers Exploit Critical Auth Bypass in Gitea Docker Image: Attackers are actively abusing a critical flaw in the official Docker image for the self-hosted Git service Gitea, tracked as CVE-2026-20896, which ships with reverse-proxy authentication trusting an identity header from any source IP. That misconfiguration lets an unauthenticated internet client claim to be any user, […] The post Infosec News Nuggets — July 13, 2026 appeared first on AboutDFIR - The Definitive Compendium Project.
  • Open

    Beyond Cloud Uptime: API Security and AI Resilience for 2026
    No content preview

  • Open

    📖 [The CloudSecList] Issue 346
    📖 [The CloudSecList] Issue 346 was originally published by Marco Lancini at CloudSecList on July 12, 2026.
  • Open

    Scientists Solve Mystery of Bizarre ‘Alien Megastructure’ Star
    For more than a decade, the strange light patterns emitted by “Tabby’s Star” have sparked speculation about alien megastructures and exotic natural explanations. The discovery of a giant planet is a new twist.

  • Open

    From Lure to Alert: Implementing Canary Tokens in M365 | Ryan O'Donnell
    No content preview
  • Open

    AI Fiction Is Easy to Detect Because It's Stupid and Bad, Research Finds
    ChatGPT uses too many dream sequences and Gemini won’t stop describing characters.
    Behind the Blog: The Promise of the Internet
    This week, we discuss mobile podcasting, participating in the meme, and vertigo.
  • Open

    AWS designated as a critical third party to the UK financial sector
    Amazon Web Services EMEA Sarl (AWS) has been designated as a critical third party (CTP) to the UK financial sector by HM Treasury. The CTP regime came into force on January 1, 2025, and establishes a framework through which the Bank of England, PRA, and FCA (collectively the UK regulators) can set requirements on and […]
  • Open

    Securing our future: July 2026 progress report on Microsoft’s Secure Future Initiative
    Microsoft’s latest Secure Future Initiative report outlines progress on secure foundations, AI-powered defense, and future-ready cybersecurity. The post Securing our future: July 2026 progress report on Microsoft’s Secure Future Initiative appeared first on Microsoft Security Blog.
  • Open

    Infosec News Nuggets — July 10, 2026
    CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV Four security flaws have been added to the federal catalog of known exploited vulnerabilities after evidence surfaced of active attacks in the wild, including a maximum-severity path traversal bug in Adobe ColdFusion that was weaponized within hours of public disclosure and two unauthenticated […] The post Infosec News Nuggets — July 10, 2026 appeared first on AboutDFIR - The Definitive Compendium Project.
  • Open

    Akamai Cloud Pulse Audit Logs Are Generally Available
    No content preview

  • Open

    Introducing OAuth Support for AWS MCP Server
    You can now connect your agents to the AWS MCP Server using the same credentials and sign-in methods that you already use for connecting to the AWS Management Console or AWS Command Line Interface (AWS CLI) through a familiar browser-based experience powered by industry-standard OAuth. This new sign-in path supports AWS Identity and Access Management […]
  • Open

    Patreon Blocks Crawlers From Stealing Creators' Work for AI Training
    “Creators deserve credit, compensation, and consent. If that's not on the table, the crawlers can stay the fuck off Patreon," CEO Jack Conte wrote on Thursday.
    Farmers Finally Get a John Deere Right to Repair Agreement That Doesn’t Screw Them Over
    The FTC's settlement with John Deere actually has teeth, unlike previous settlements that largely maintained the status quo.
    LinkedIn and X Are Flooded With AI Spam, Browsing Data Suggests
    An AI detection company found that amount of AI content that users actually see in their day-to-day browsing is shockingly high.
  • Open

    GigaWiper: Anatomy of a destructive backdoor assembled from multiple malware
    GigaWiper, also tracked as BLUERABBIT, is a destructive backdoor that combines multiple wiping and ransomware-like capabilities into a single operational platform. This blog analyzes how the malware incorporates code from several previously separate malware families and provides guidance to help defenders detect and defend against similar threats. The post GigaWiper: Anatomy of a destructive backdoor assembled from multiple malware appeared first on Microsoft Security Blog.
  • Open

    Driving Real-World Impact: Inside Akamai’s 2025 Sustainability Report
    No content preview
  • Open

    Infosec News Nuggets — July 9, 2026
    Accenture confirms breach after hacker offers stolen data for sale IT services giant Accenture confirmed a security breach after a threat actor calling themselves “888” claimed to have stolen 35 GB of data, including source code, RSA and SSH keys, Azure personal access tokens, and configuration files, and began offering it for sale on a […] The post Infosec News Nuggets — July 9, 2026 appeared first on AboutDFIR - The Definitive Compendium Project.

  • Open

    When AI Models Outgrow Storage
    Discover how Akamai Object Storage absorbs high-frequency machine data, mitigates egress costs, and scales production AI model outputs.
    Securing the AI Frontier: A Blueprint for Partners
    No content preview
    CVE-2026-48282: Mitigating a Critical Vulnerability in Adobe ColdFusion
    No content preview
  • Open

    Designing for the inevitable: System prompt leakage and mitigations in generative AI applications
    System prompts form the foundation of generative AI applications. A system prompt is a collection of instructions and operational context provided to a large language model (LLM) that shapes how the model behaves and interacts with users and tools. System prompts often contain proprietary information, including role definitions, behavioral guidelines, tool descriptions and usage instructions, […]
    The CISO’s guide to post-quantum mandates and migrations
    Over a dozen major economies have now published post-quantum cryptography (PQC) adoption guidance. As a CISO, you’re probably well into your migration plan and know the most difficult part has little to do with changing algorithms. The real leadership challenge is driving coordinated change across a large, complex organization where asymmetric cryptography is embedded in […]
  • Open

    Weekly Threat Bulletin – July 8th, 2026
    These are the top threats you should know about this week.
  • Open

    Meta Patents AI Device That Tracks Your Emotions, Watches You Take Your Meds
    Imagine a wearable device that records every moment of your day and makes suggestions based on your mood.
  • Open

    Protecting Microsoft at AI speed: How SFI proactively hardens our cloud
    At Microsoft we encompass these security requirements, along with threat knowledge, and operational frameworks in our Secure Future Initiative (SFI), to guide what a well-defended cloud service looks like. But defining the requirements is only the start. Meeting the requirements means continuously evaluating our live services against them, at AI speed. The post Protecting Microsoft at AI speed: How SFI proactively hardens our cloud   appeared first on Microsoft Security Blog.
  • Open

    AI Surveillance Is Being Supercharged–And It Will Chill Social Progress
    Senior research fellow Jon Penney and co-author Bruce Schneier argue that widely deploying AI surveillance could be corrosive to democracy. The post AI Surveillance Is Being Supercharged–And It Will Chill Social Progress appeared first on The Citizen Lab.
  • Open

    Cracking Firmware with Claude: Senior-Level Skill, Junior-Level Autonomy
    A senior Bishop Fox researcher once cracked SonicWall's proprietary firmware encryption by hand. We gave Claude the same problem, two artifacts, one instruction, and mostly got out of the way. What happened next reveals something important about where AI-assisted security research is heading.
  • Open

    Infosec News Nuggets — July 8, 2026
    JadePuffer ransomware used AI agent to automate entire attack Researchers have documented what appears to be the first ransomware operation carried out entirely by an autonomous large language model agent, which handled reconnaissance, credential theft, lateral movement, privilege escalation, and encryption without human direction. After breaking in through a flaw in an open-source LLM app […] The post Infosec News Nuggets — July 8, 2026 appeared first on AboutDFIR - The Definitive Compendium Project.

  • Open

    Enforce zero data retention on Amazon Bedrock with Bedrock Projects and service control policies
    With the introduction of models that require data sharing with third-party providers—such as Claude Fable 5—organizations need a way to centrally enforce data retention policies. Amazon Bedrock gives you control over whether your prompts and model outputs are retained after an inference request completes. You might need a way to enforce your retention settings across […]
  • Open

    Adaptive AI for Detecting Modern DGA Attacks
    No content preview
  • Open

    Infosec News Nuggets — July 7, 2026
    Medtronic Data Breach Impacts 3.8 Million People Medtronic has begun notifying more than 3.8 million individuals that their personal and medical information was stolen after the ShinyHunters extortion group breached its corporate IT systems in April. The attackers claimed to have taken over 9 million records including names, contact details, dates of birth, Social Security […] The post Infosec News Nuggets — July 7, 2026 appeared first on AboutDFIR - The Definitive Compendium Project.
  • Open

    Lookup: TryHackMe CTF Walkthrough
    No content preview
    JWTweak v2.1: A Guided, Offline Toolkit for Modern JWT Attacks
    Paste a token, get a full attack plan — then execute it, entirely offline. Continue reading on InfoSec Write-ups »
    No Rules, No Locks: Firebase Misconfiguration and the Borrowers It Left Behind
    No content preview
    The HTTP 303 SSRF Hack : From Python HTTP Client Defaults to AWS Credential Exfiltration.
    No content preview
    Chaining a DOM XSS Sink, WAF Bypass, Cross-Origin Smuggling, and SDK Abuse into One Click Account…
    No content preview
    BadSuccessor — Exploiting delegated Managed Service Accounts in Windows Server 2025
    No content preview

  • Open

    Breadth, Depth, And Quality: Why Comparing Blockchain Analytics Vendors by Cluster Count Is Only Part of the Calculation
    When compliance teams, regulators, or investigators evaluate blockchain analytics providers, the conversation almost always starts the same: How many services… The post Breadth, Depth, And Quality: Why Comparing Blockchain Analytics Vendors by Cluster Count Is Only Part of the Calculation appeared first on Chainalysis.
  • Open

    The Hidden Latency Tax in Retail Personalization
    Every personalization decision adds latency that has a measurable cost in conversions and order value. Learn where that cost comes from — and how to avoid paying it.
  • Open

    A Fistful of Headers: Taming the Wild Web at Scale | Cary Hooper and Wesley McElhinny
    No content preview
  • Open

    Enforce least-privilege authorization in multi-agent AI chains using Cedar
    If you’re building multi-agent AI systems, you need to prevent authorization scope from silently expanding as agents delegate tasks through multi-hop chains. Without proper controls, an agent can potentially act beyond what the originating user authorized, even when role-based access control (RBAC) policies are in place. The OWASP Top 10 for Agentic Applications classifies this […]
  • Open

    5 insights from Frost & Sullivan’s 2025 Frost Radar™ for Cloud Security Posture Management
    Read five key learnings from the Frost & Sullivan 2025 Frost Radar™ for CSPM to learn how CSPM is evolving from point-in-time compliance to continuous risk management. The post 5 insights from Frost & Sullivan’s 2025 Frost Radar™ for Cloud Security Posture Management appeared first on Microsoft Security Blog.
  • Open

    Infosec News Nuggets — July 6, 2026
    SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation A high-severity SharePoint Server flaw enabling remote code execution through deserialization of untrusted data was added to a federal known-exploited-vulnerabilities catalog after evidence surfaced that attackers are actively exploiting it. The bug, patched in May but only now confirmed under active attack, lets an authenticated […] The post Infosec News Nuggets — July 6, 2026 appeared first on AboutDFIR - The Definitive Compendium Project.
  • Open

    Wazuh File Integrity Monitoring: Tracking Endpoint Modifications in Real Time
    No content preview
    Mastering curl Commands Bug Bounty Hunter's Guide
    Every bug bounty hunter has curl installed. Few use it to its full potential. While Burp Suite and custom scripts get the limelight, curl… Continue reading on InfoSec Write-ups »
    Mass Assignment and the Identity Drift: From Profile Edit to Insurance Takeover
    No content preview
    The File That Answered Back — XXE Hidden in Cell A2
    No content preview

  • Open

    Cortex Security Audit
    At the request of the Open Source Technology Improvement Fund (OSTIF), Quarkslab performed a security audit of Cortex, evaluating the security of its multi-tenant design and the mechanisms protecting tenant isolation.

  • Open

    📖 [The CloudSecList] Issue 345
    📖 [The CloudSecList] Issue 345 was originally published by Marco Lancini at CloudSecList on July 05, 2026.

  • Open

    Trust Me, I'm a Shortcut: New LNK Abuse Methods | Wietze Beukema
    No content preview

  • Open

    Improving security posture across the Microsoft partner ecosystem
    Read how Microsoft strengthens partner ecosystem security with CSP vetting, least privilege access, monitoring, and risk management best practices. The post Improving security posture across the Microsoft partner ecosystem appeared first on Microsoft Security Blog.
  • Open

    Real-Time Observability: Introducing Akamai Cloud Pulse Alerts
    No content preview
    Most AI ROI Gets Lost in the Infrastructure, Not the Model
    No content preview
  • Open

    On Favicons: From Browser Icons to Attack Surface Intelligence
    Favicons are small, static, and rarely changed, which makes them a surprisingly durable fingerprint for identifying software across the internet. Bishop Fox built an AI-assisted pipeline to hash and enrich them at scale, and this post shares the methodology, the dataset, and why it matters.
  • Open

    Infosec News Nuggets — July 2, 2026
    19-Year-Old Scattered Spider Suspect Extradited to Face U.S. Hacking Charges Peter Stokes, a 19-year-old dual U.S.-Estonian citizen accused of belonging to the prolific Scattered Spider hacking group, was extradited from Finland and made his first Chicago federal court appearance this week on charges of conspiracy, computer intrusion, and fraud. Prosecutors say Scattered Spider has been […] The post Infosec News Nuggets — July 2, 2026 appeared first on AboutDFIR - The Definitive Compendium Project.

  • Open

    OFAC Updates ISIS-Khorasan Sanctions with Over 100 Cryptocurrency Wallets
    Summary OFAC updated its ISIS Khorasan (ISIS-K) designation to include 134 cryptocurrency wallet addresses (131 on TRON and 3 on… The post OFAC Updates ISIS-Khorasan Sanctions with Over 100 Cryptocurrency Wallets appeared first on Chainalysis.
    Chainalysis Supports Robinhood Chain with Automatic Token Support
    Chainalysis is excited to announce support for Robinhood Chain, a permissionless layer 2 purpose-built for on-chain financial services and tokenized… The post Chainalysis Supports Robinhood Chain with Automatic Token Support appeared first on Chainalysis.
  • Open

    Secure Amazon container workloads using container attribute-based rules in AWS Network Firewall
    Today, you can use AWS Network Firewall to protect traffic flowing to and from containerized applications on Amazon Elastic Kubernetes Service (Amazon EKS) and Amazon Elastic Container Service (Amazon ECS) clusters. If you run AI and machine learning (ML) workloads on Amazon EKS—such as model inference, RAG pipelines, or JupyterHub—your containerized workloads require the same […]
    How to use the AWS Workload Credentials Provider for cross-account secret retrieval and prefetching secrets
    If you manage secrets across multiple AWS accounts or need faster secret access for latency-sensitive applications, this post shows you how to meet those requirements using two new features of the AWS Workload Credentials Provider (provider). You will learn how to configure role chaining for cross-account secret retrieval and prefetching of secrets to reduce cold-start […]
  • Open

    Weekly Threat Bulletin – July 1st, 2026
    These are the top threats you should know about this week.
  • Open

    Microsoft named a leader in the Frost Radar for cloud and application runtime security
    Frost & Sullivan names Microsoft a leader as cloud and application security converge into unified, runtime risk reduction. The post Microsoft named a leader in the Frost Radar for cloud and application runtime security appeared first on Microsoft Security Blog.
  • Open

    AI Inference Is Swallowing the Cloud
    No content preview

  • Open

    Moving Forward Responsibly: Our 2025 Impact Report
    No content preview

  • Open

    What the June 2026 Threat Technique Catalog update means for your AWS environment
    The AWS Customer Incident Response Team (AWS CIRT) encounters patterns that repeat across engagements when helping customers respond to security incidents. We’re passionate about making sure that information is accessible so that everyone can improve their security posture and their organization’s resilience to disruption. The primary method we use to share this information is the […]
  • Open

    An Ontology for Accountability: Defining What Data Quality Means in Blockchain Analytics
    We built this to be questioned Before I came to blockchain analytics, I spent years in academia studying the formal… The post An Ontology for Accountability: Defining What Data Quality Means in Blockchain Analytics appeared first on Chainalysis.
    10 Questions to Ask Your Blockchain Analytics Provider about Data Quality
    Blockchain analytics tools provide critical intelligence to compliance teams, regulators, and investigators. These professionals use that intelligence to uncover illicit… The post 10 Questions to Ask Your Blockchain Analytics Provider about Data Quality appeared first on Chainalysis.
  • Open

    RATs & Ladders: Climbing from Access to Control | Nevan Beal & Jason Rathbun
    No content preview

  • Open

    📖 [The CloudSecList] Issue 344
    📖 [The CloudSecList] Issue 344 was originally published by Marco Lancini at CloudSecList on June 28, 2026.

  • Open

    Inside a Sandwich Attack: Lessons From the $7.5 Million Heist Against JaredfromSubway.eth
    Summary JaredfromSubway.eth, the most prolific sandwich-attack bot on Ethereum, was drained of at least $7.5 million in a reverse honeypot… The post Inside a Sandwich Attack: Lessons From the $7.5 Million Heist Against JaredfromSubway.eth appeared first on Chainalysis.
  • Open

    The Cloud Giants Are Architecting an Agentic Future They Can’t Run
    No content preview
  • Open

    Abusing Backup Operators with TrustedSec's Titanis | Jim Sykora
    No content preview

  • Open

    Emile Dirks Elected to PEN Canada’s Board of Directors
    Senior research associate Emile Dirks has been elected to serve as a member of PEN Canada's board of directors.  The post Emile Dirks Elected to PEN Canada’s Board of Directors appeared first on The Citizen Lab.
  • Open

    The New MCP Specification: What Security Teams Must Prepare For
    No content preview
    Your AI Cost Model Stops at the Token Price. The Bill Doesn't.
    Your AI cost model stops at the token price, but the bill doesn't. Discover why almost 80% of production AI spend sits in inference and how to optimize your setup.
    Linode Interfaces and Default Firewall Now Generally Available
    No content preview

  • Open

    Restrict AWS Management Console access to expected networks with sign-in resource-based policies and RCPs
    Amazon Web Services (AWS) recently announced support for resource-based policies and resource control policies (RCPs) for AWS Sign-In. By using resource-based policies and RCPs, you can restrict access to the AWS Management Console sign-in and aws login CLI sessions to requests from your expected networks, your on-premises data center networks, and your Amazon Virtual Private […]
  • Open

    Weekly Threat Bulletin – June 24th, 2026
    These are the top threats you should know about this week.
  • Open

    Agentic Disconnect: The Latency Crisis Facing Modern AI Architecture
    No content preview
  • Open

    AI Finds Vulnerabilities. Security Experts Find Impact.
    AI got a security consultant 80% of the way through a real web application assessment. The other 20% was where the actual security work happened. This walkthrough shows where AI delivered, where it produced confident but impossible explanations, and why human judgment still drives real findings.

  • Open

    AI Reconnaissance: The Missing Layer in Chatbot Security
    No content preview

  • Open

    Nikto @ 25 | Chris Sullo
    No content preview
  • Open

    Why Resilient Systems Design Is Critical for Cloud Reliability
    No content preview
    What Changes When You Move Your Logic to the Smarter, More Connected Edge?
    Discover how moving logic like mass redirects, data transformation, and bot triage to Akamai Functions lowers latency, reduces origin load, and cuts costs.
  • Open

    Prevent data exfiltration: AWS egress controls for cloud workloads
    When securing an Amazon Web Services (AWS) environment, teams naturally prioritize inbound controls, firewalls, WAFs, and access policies, because that’s where the most visible threats originate. Outbound traffic, on the other hand, tends to get less attention. It’s often left open by default to avoid breaking application dependencies and because the risk feels less immediate. […]

  • Open

    📖 [The CloudSecList] Issue 343
    📖 [The CloudSecList] Issue 343 was originally published by Marco Lancini at CloudSecList on June 21, 2026.

  • Open

    The OAUTh Problem You Didn't Know You Have | Evier Tabora
    No content preview
  • Open

    WhatsApp Accuses NSO of Fresh Pegasus Targeting
    Meta’s WhatsApp said it will ask a US court to hold NSO Group in contempt for using WhatsApp to lure targets into downloading the surveillance spyware. The post WhatsApp Accuses NSO of Fresh Pegasus Targeting appeared first on The Citizen Lab.

  • Open

    Accelerate security investigations with Kiro CLI
    When a security event occurs in your Amazon Web Services (AWS) environment, rapid response is critical. However security teams often struggle with time-consuming, manual processes that slow down investigations. Analysts must recall complex AWS Command Line Interface (AWS CLI) syntax for multiple services, manually correlate findings across Amazon GuardDuty, AWS CloudTrail, and other security tools, […]
    Spring 2026 SOC 1 and 2 reports are now available in OSCAL format
    Amazon Web Services (AWS) is excited to release the Spring 2026 System and Organization Controls (SOC) 1 and 2 reports in machine-readable OSCAL format alongside the PDF version of the reports. The reports cover 188 services over the 12-month period from April 1, 2025 to March 31, 2026, giving customers a full year of assurance. […]
  • Open

    Stop Treating Your LLMs Like Web Servers
    No content preview
    DNS Is Your Most Critical — and Most Misconfigured — Security Control
    No content preview
  • Open

    Shynet | VERSION 0.13.1
    The following document describes identified vulnerabilities in the Shynet application version 0.13.1.
    The Smash-and-Grab Era
    We walk through three eras of cyber attacks and makes a troubling case that LLMs are removing the one constraint that kept attackers slow and detectable.

  • Open

    Black Box Probing: a Security Analysis of Xiaomi's MJA1 Secure Chip
    Xiaomi's MJA1 is a proprietary secure chip used in their recent cameras to protect sensitive data and device communications. With no public documentation available, we conducted a black-box security analysis covering hardware identification, I2C sniffing, flash dumping, and firmware reverse engineering. This post walks through how we mapped the chip's command protocol, brute-forced undocumented commands, and assessed its security properties.
  • Open

    How Freedom Tech Is Pushing Back Against Digital Authoritarianism
    Senior legal advisor Siena Anstis and senior researcher John Scott-Railton spoke with Forbes about the lagging safeguards that let spyware proliferate.  The post How Freedom Tech Is Pushing Back Against Digital Authoritarianism appeared first on The Citizen Lab.
  • Open

    How Akamai Defended an Indian Bank Against Record-Breaking DDoS Attacks
    Learn how Akamai successfully neutralized one of the largest DDoS attacks ever recorded in the Indian banking sector before a single customer was impacted.
    Microsegmentation: Your Digital First Responder to LLM Threats
    No content preview
    Keep Your Tech FLAME Alive: Trailblazer Katrina Cole
    Meet Katrina Cole, an Information Security Consultant who entered tech at age 40. Read her advice for women in tech and her proactive approach to security.
  • Open

    Weekly Threat Bulletin – June 17th, 2026
    These are the top threats you should know about this week.
  • Open

    Introducing AWS Continuum: Security at machine speed
    What we believe We’ve been thinking deeply about enterprise security. The operating model that served us for the past decade (collect telemetry, store it, query it, build dashboards to watch it) is no longer keeping pace. We need to shift to the new world: telemetry, context, reasoning, and actions. An approach that produces outcomes. The […]

  • Open

    Threat tactic spotlight: Subdomain takeover
    In this blog post you’ll learn how to detect and prevent subdomain takeover – a tactic where threat actors exploit dangling DNS records to redirect traffic to attacker-controlled resources. We’ll explain the issue, how the situation arises, and how you can use various AWS features and services to help mitigate the impact of this tactic. […]
2026-07-16T02:36:58.919Z osmosfeed 1.15.1