This week's articles
AI agent authentication: it's just OAuth
How should we authenticate AI agents? We don't need to completely reinvent the wheel -- we already have OAuth, which gives us most of what we need for controlled, auditable access delegation.
#iam
DevOps access is closer than you assume
Azure DevOps can be accessed using multiple first-party client IDs, allowing anyone to pivot from a stolen session to access the repositories.
#attack
#azure
#ci/cd
Exploring the Kubernetes API Server Proxy
The Kubernetes API server can act as an HTTP proxy server, allowing users with the right access to get to applications they might otherwise not be able to reach.
#explain
#kubernetes
Attacks on Maven proxy repositories
This post describes PoC exploits that can lead to pre-auth remote code execution and poisoning of the local artifacts in Sonatype Nexus and JFrog Artifactory.
#attack
#ci/cd
#supply-chain