🤖 How Command Injection Vulnerability in OpenAI Codex Leads to GitHub Token Compromise
BeyondTrust Phantom Labs recently identified a critical command injection vulnerability in OpenAI Codex that allowed for the theft of GitHub User Access Tokens.
https://www.beyondtrust.com/blog/entry/openai-codex-command-injection-vulnerability-github-token
#AI
🔶 Unexpected Routing Behaviour in AWS with VPC Peering and NAT Gateway
When routing VPC peering traffic through an internal NAT gateway in AWS, response traffic bypasses route tables via connection tracking, making all subnets in the peered VPC reachable even without return routes configured. AWS confirmed this is "expected behaviour".
https://labs.reversec.com/posts/2026/03/unexpected-routing-behaviour-in-aws-with-vpc-peering-and-nat-gateway
#aws
🔶 Launching S3 Files, making S3 buckets accessible as file systems
Amazon S3 Files makes S3 buckets accessible as high-performance file systems on AWS compute resources, eliminating the tradeoff between object storage benefits and interactive file capabilities while enabling seamless data sharing with ~1ms latencies.
https://aws.amazon.com/ru/blogs/aws/launching-s3-files-making-s3-buckets-accessible-as-file-systems
#aws
🔶 Amazon S3 starts rolling out new security best practice to new and existing buckets by default
S3 is now deploying a new default bucket security setting which will automatically disable server-side encryption with customer-provided keys (SSE-C) for all new general purpose buckets.
https://aws.amazon.com/ru/about-aws/whats-new/2026/04/s3-default-bucket-security-setting
#aws
🤖 NomShub: Weaponizing Cursor's Remote Tunnel Through Indirect Prompt Injection and Sandbox Breakout
NomShub is a critical vulnerability chain in the Cursor AI code editor where a malicious repository can silently hijack a developer's machine, combining indirect prompt injection, a sandbox escape via shell builtins, and Cursor's built-in remote tunnel to give attackers persistent, undetected shell access triggered simply by opening a repo.
https://www.straiker.ai/blog/nomshub-cursor-remote-tunneling-sandbox-breakout
#AI
This blog explores how computer use agents can be used to build an agentic command-and-control framework. By combining LLM reasoning with desktop interaction tools, attackers could automate endpoint control while blending into normal system behavior. Here, we break down the architecture, abuse scenarios, and detection opportunities.
https://www.beyondtrust.com/blog/entry/claude-control-agentic-c2-computer-use-agent
#AI
🔶 A framework for securely collecting forensic artifacts into S3 buckets
Blog presenting an AWS architecture for securely collecting forensic artifacts into S3, using IAM least-privilege session policies, STS time-limited credentials scoped per case prefix, KMS encryption, S3 versioning, and an automated Step Functions/Lambda/SSM workflow deployable via AWS CDK.
https://aws.amazon.com/ru/blogs/security/a-framework-for-securely-collecting-forensic-artifacts-into-s3-buckets
#aws
AI, as demonstrated by Anthropic's Mythos, has significantly increased the likelihood of attackers discovering new vulnerabilities, creating new exploits, and using them in complex automated attacks at scale. While AI also increases the speed of patch development and reduces defects in new software, defenders still face a heavier relative burden due to the inherent limitations of patching. Attackers gain asymmetric benefits.
#AI
Researchers reverse-engineered Claude Code's ("claude.exe") undocumented "--sdk-url" flag, fully mapped its CCRv1 WebSocket remote control protocol (NDJSON over WebSockets), and implemented a Python C2 server. The flag accepts arbitrary URLs with no authentication, enabling post-compromise beaconing.
https://www.originhq.com/blog/reversing-remote-control
#ClaudeCode
Part one of a two-part series on GitHub Actions security, covering the core threat model, common misconfigurations, and real-world attack examples.
https://www.wiz.io/blog/github-actions-security-threat-model-and-defenses
#github
A lightweight intro to passkeys from Google.
https://bughunters.google.com/blog/passkeys-are-your-new-best-friend
#iam
Amazon's RuleForge is a multi-agent AI system that auto-generates CVE detection rules from exploit PoC code. It uses parallel generation (via Amazon Bedrock/Fargate), a separate judge model (reducing false positives by 67%), and multistage validation, achieving 336% faster rule production than manual workflows while keeping humans in the final approval loop.
https://www.amazon.science/blog/how-amazon-uses-agentic-ai-for-vulnerability-detection-at-global-scale
#AI
Cloudflare built a CI-native, plugin-based AI code review system using OpenCode, orchestrating up to 7 specialised agents (security, performance, code quality, etc.) per merge request. It processed 131K reviews across 48K MRs, averaging $0.98/review at 3m39s median latency, with an 85.7% prompt cache hit rate.
https://blog.cloudflare.com/ai-code-review
#AI
A walkthrough of my Claude Code setup across a multi-project monorepo: global settings, safety guardrails, a context/plan/code workflow, subagents and plugins, and the StarCraft-themed customisations that make the terminal feel like mine.
https://blog.marcolancini.it/2026/blog-my-claude-code-setup
#ClaudeCode
Fast and accurate AI powered file content types detection.
https://github.com/google/magika
#AI