This week's articles
S1ngularity/nx attackers strike again
The attackers behind the nx attack have struck again, targeting a large number of packages with a first-of-its-kind worm payload.
#attack
#supply-chain
Shai-Hulud npm Supply Chain Attack
Learn how the Shai-Hulud npm worm compromised 100+ packages with data-stealing malware. See how it spreads, the risks, and steps to detect and mitigate.
#attack
#supply-chain
#defend
#monitor
An Attacker’s Blunder Gave Us a Look Into Their Operations
An attacker installed Huntress onto their operating machine, giving Huntress a detailed look at how the attacker is using AI to build workflows, searching for tools like Evilginx, and researching targets like software development companies.
#ai
#attack
#defend
Exploring attacker persistence strategies in Kubernetes
This article explores Kubernetes post-exploitation techniques, demonstrating how attackers can maintain cluster access through debug profiles, container runtimes, static manifests, Tailscale for remote access, and credential generation via CSR/Token Request APIs.
#attack
#kubernetes
Comparing CSP-Managed Machine Identities
This paper compares the threat models of machine identities managed by the Cloud Service Providers (CSP-managed) across the three major cloud service providers, with a focus on the risks associated with impersonation and usage.
#iam
#explain
#azure
#aws
#gcp