Release Date: 11/01/2026 | Issue: 320
Know someone who'd find this useful? Forward this email
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

Turn bare metal into gold with Fluidstack
Want to deploy large-scale clusters at the frontier? Fluidstack is hiring security experts across corporate IT, cloud, and bare metal who can grow systems at scale. Their team moves fast, and is building even faster.

If you want to manage infrastructure with impact, check out their open roles 🚀

This week's articles


npm to Implement Staged Publishing After Turbulent Shift Off Classic Tokens
The planned feature introduces a review step before releases go live, following the Shai-Hulud attacks and a rocky migration off classic tokens that disrupted maintainer workflows.   #announcement   #supply-chain   #defend


Ni8mare  -  Unauthenticated Remote Code Execution in n8n
Cyera Research Labs has discovered a "worst-case scenario" flaw in n8n. Dubbed "Ni8mare," this vulnerability (CVE-2026-21858) allows an unauthenticated remote attacker to gain full administrative control over an n8n instance.   #attack   #saas


Kubernetes v1.35: A Better Way to Pass Service Account Tokens to CSI Drivers
Kubernetes 1.35 introduces beta support for CSI drivers to receive service account tokens via the "secrets" field instead of "volume_context", preventing accidental token logging.   #kubernetes   #announcement


What is EC2 Instance Attestation
EC2 Instance Attestation extends attestable scope from Nitro Enclaves' container environment to entire EC2 instances, enabling greater capabilities like GPU access. However, it requires proactive hardening versus Enclaves' secure-by-default design and more complex deployment through Attestable AMIs.   #aws   #explain


How We Scaled Code Repository Management at DNSimple
How DNSimple evolved from a forgotten collection of Ruby scripts to a fully automated Terraform-based system for managing hundreds of GitHub repositories.   #terraform   #iac


nOAuth Abuse Update: Potential Pivot into Microsoft 365
Vulnerable SaaS apps could enable attackers to pivot back into Microsoft 365, endangering your entire Microsoft 365 estate.   #attack   #saas   #iam   #azure

Tools


claude-code-safety-net
A Claude Code plugin that acts as a safety net, catching destructive git and filesystem commands before they execute.


leash
Leash wraps AI coding agents in containers and monitors their activity. You define policies in Cedar; Leash enforces them instantly.


JSAnalyzer
A Burp Suite extension for JavaScript static analysis. Extracts API endpoints, URLs, secrets, and email addresses from JavaScript files.


vulnerable-mcp-servers-lab
A collection of servers which are deliberately vulnerable to learn Pentesting MCP Servers.


tailsnitch
A security auditor for Tailscale configurations. Scans your tailnet for misconfigurations, overly permissive access controls, and security best practice violations.

AI


Where AI Systems Leak Data: A Lifecycle Review of Real Exposure Paths
This post examines five AI system lifecycle stages where sensitive data leaks without exploitation: retrieval mixes authorization, models reconstruct redacted data, prompts merge trust zones, outputs expose internal context, and storage persists sensitive information indefinitely.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
Forward Forward
Twitter Tweet
Share Share

How did you like this issue of CloudSecList?

1       2       3       4       5

Archives View in browser Sponsorship
© 2019-present CloudSecList · Marco Lancini