Release Date: 21/09/2025 | Issue: 306
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

When AI agents act like humans, they need to identify like humans

As LLMs and agents act on behalf of users through MCP-based systems, the security paradigm is shifting toward treating AI agents like human users, requiring the same principles of least privilege, credential management, and behavioral visibility that teams have long applied to protect against insider threats.
Learn more about extending infrastructure identity governance to AI systems and turning MCP deployments into controlled, auditable, and compliant AI infrastructure components below.

Securing MCP with Teleport and AWS

This week's articles


S1ngularity/nx attackers strike again
The attackers behind the nx attack have struck again, targeting a large number of packages with a first-of-its-kind worm payload.   #attack   #supply-chain


Shai-Hulud npm Supply Chain Attack
Learn how the Shai-Hulud npm worm compromised 100+ packages with data-stealing malware. See how it spreads, the risks, and steps to detect and mitigate.   #attack   #supply-chain   #defend   #monitor


An Attacker's Blunder Gave Us a Look Into Their Operations
An attacker installed Huntress onto their operating machine, giving Huntress a detailed look at how the attacker is using AI to build workflows, searching for tools like Evilginx, and researching targets like software development companies.   #ai   #attack   #defend


One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens
This article details a critical vulnerability discovered in Entra ID that allowed full tenant compromise through undocumented Actor tokens and a flaw in Azure AD Graph API's tenant validation. Microsoft patched it under CVE-2025-55241.   #azure   #attack   #iam


What the fork? Imposter commits in GitHub Actions and CI/CD
Chainguard found a vulnerability in GitHub Actions that bypasses allowed Workflow settings by using commits from forked repositories.   #attack   #ci/cd   #supply-chain


Exploring attacker persistence strategies in Kubernetes
This article explores Kubernetes post-exploitation techniques, demonstrating how attackers can maintain cluster access through debug profiles, container runtimes, static manifests, Tailscale for remote access, and credential generation via CSR/Token Request APIs.   #attack   #kubernetes


Illicit Consent-Granting & App Backdooring – Obtaining persistence in Entra
This article details how attackers exploit Entra ID through OAuth consent injection and app backdooring, covering attack flows, MITRE ATT&CK mappings, detection strategies, and prevention methods for securing consent flows.   #attack   #azure


Comparing CSP-Managed Machine Identities
This paper compares the threat models of machine identities managed by the Cloud Service Providers (CSP-managed) across the three major cloud service providers, with a focus on the risks associated with impersonation and usage.   #iam   #explain   #azure   #aws   #gcp


Uncloaking VoidProxy: a Novel and Evasive Phishing-as-a-Service Framework
Okta Threat Intelligence has published a detailed analysis on a previously unreported Phishing-as-a-Service (PhaaS) operation, which its authors name VoidProxy.   #attack   #defend   #saas

Tools


MCP Registry
A curated directory of MCP servers.


kingfisher
Kingfisher is a blazingly fast tool for secret detection and live validation across files, Git repos, S3, Docker images, Jira, Slack, and Confluence.


GarudRecon
An automated recon tool for asset discovery and vulnerability scanning using open-source tools. Supports XSS, SQLi, LFI, RCE, IIS, Open Redirect, Swagger UI, .git exposures and more.


GroupPolicyBackdoor
Group Policy Objects manipulation and exploitation framework.


hexstrike-ai
An MCP server that lets AI agents autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research.

From the cloud providers


#AWS   Multi-Region keys: A new approach to key replication in AWS Payment Cryptography
The new Multi-Region key replication feature in Payment Cryptography enhances automatic key replication capabilities, providing improved resilience and simplified management for global payment applications.


#AWS   Navigating Amazon GuardDuty protection plans and Extended Threat Detection
A post exploring the suite of protection plans and the Extended Threat Detection feature of GuardDuty.


#AWS   Automate OIDC client secret rotation with Application Load Balancer
Elastic Load Balancing simplifies authentication by offloading it to OpenID Connect (OIDC) compatible identity providers (IdPs). This lets builders focus on application logic while using robust identity management.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate it if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
© 2019-present CloudSecList · Marco Lancini