Release Date: 22/02/2026 | Issue: 326
Know someone who'd find this useful? Forward this email
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

Your SIEM Creates Thousands of Alerts. Your Team Investigates Dozens.

That math doesn't work. Modern security teams are bridging it with agentic AI that autonomously executes full threat lifecycle workflows (detection through response) without constant human oversight. See what autonomous SOC operations look like.

See How It Works

This week's articles


Zero Knowledge (About) Encryption: A Comparative Security Analysis of Three Cloud-based Password Managers
Researchers at ETH Zurich examined the extent to which security against a fully malicious server holds true for three leading vendors who make the Zero Knowledge Encryption claim: Bitwarden, LastPass, and Dashlane.


3 Principles for Designing Agent Skills
Block Engineering discusses designing agent skills using three principles: make deterministic outputs script-based, let agents handle interpretation and conversation, and write explicit constitutional constraints. Skills codify tribal knowledge into executable documentation for AI agents across their organization.


Why Trying to Secure OpenClaw is Ridiculous
OpenClaw's security issues explained: malware in ClawHub, exposed instances, and why hardening guides miss the point. Can you use the AI agent safely??


MCP Server Security: The Hidden AI Attack Surface
MCP servers connecting AI assistants to external tools create significant attack surfaces enabling arbitrary code execution, data exfiltration, and social engineering. Both local and remote MCP servers can be exploited through server chaining, supply chain attacks, and malicious tool implementations.


RoguePilot: Critical GitHub Copilot Vulnerability Exploit
Discover RoguePilot, a critical GitHub Copilot vulnerability allowing passive prompt injection in Codespaces to exfiltrate tokens and takeover repositories.


Uncovering Malicious OAuth Campaigns in Entra ID
Learn how Wiz Research automates detection of emerging malicious Azure app and consent phishing campaigns.

Sponsor

Rogue cloud assets giving you headaches?
Discover every AWS, Azure, and GCP instance your developers have ever created—including the ones they forgot about—with Nudge Security. Within minutes of starting a free trial, you’ll have an inventory of:
  • Cloud instances and accounts
  • Services, domains, organizations, and other resources
  • Billing data to help you avoid surprise expenses
The best part? Your inventory will include assets created in the past, not just a forward-looking view when new assets are added (but you’ll get that too).

Get started today

Tools


brutus
Fast, zero-dependency credential testing tool in Go. Brute force SSH, MySQL, PostgreSQL, Redis, MongoDB, SMB, and 20+ protocols. You can also check out the companion blog post.


tabiew
A lightweight TUI application to view and query tabular data files, such as CSV, TSV, and parquet.


caterpillar
Caterpillar is a security scanning library for AI agent skill files (e.g., Claude Code skills) for dangerous or malicious behavior.


add2abm
MacOS script to re-trigger Setup Assistant for ABM/ASM enrollment without wiping the device.


claude-grc-plugin
A Claude Code plugin that turns Claude into a senior GRC analyst.

From the cloud providers


#AWS   Building an AI-powered defense-in-depth security architecture for serverless microservices
This AWS blog demonstrates implementing a seven-layer AI-powered defense-in-depth security architecture for serverless microservices using AWS Shield, WAF, Cognito, API Gateway, VPC, Lambda, Secrets Manager, and DynamoDB, enhanced with GuardDuty and Amazon Bedrock for intelligent threat detection and automated response.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! 👌

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
Forward Forward
Twitter Tweet
Share Share

How did you like this issue of CloudSecList?

1       2       3       4       5

Archives View in browser Sponsorship
© 2019-present CloudSecList · Marco Lancini