Release Date: 29/03/2026 | Issue: 331
Know someone who'd find this useful? Forward this email
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.
Sponsor

What containers changed about cloud security and risk
Gartner estimates 99% of cloud security failures are the customer's fault โ€” not the provider's. The mass adoption of containers has made that responsibility harder to manage. Where you once secured a single application, you now have hundreds of microservices, each with its own dependencies, configs, and blind spots.
Andy Hornegold, Intruder's VP of Product, breaks down where container risk actually comes from across the full security lifecycle, and what four recent breaches reveal about how attackers are getting in.

Get the full breakdown

This week's articles


TeamPCP: A coordinated supply chain campaign targeting security tools
Over the past few weeks, a threat group calling themselves "TeamPCP" ran a coordinated supply chain campaign targeting open-source security tools. It started with Trivy on March 19, when attackers pushed a malicious v0.69.4 release and force-pushed 75+ GitHub Action tags to compromised versions, turning the vulnerability scanner into a credential stealer that harvested secrets from CI/CD runner memory. Days later, the same group hit Checkmarx's KICS GitHub Action and OpenVSX extensions (March 23), followed by LiteLLM on PyPI (March 24). The malware used a consistent pattern across all targets: collect secrets from process memory, encrypt with AES-256-CBC + RSA-4096, and exfiltrate to typosquatted C2 domains. The group claims around 300GB of compressed credentials stolen.
Multiple companies published their analysis of the campaign. Here is the full reading list:
  • Aqua Security: Official incident response from Trivy's maintainers
  • Checkmarx: Official security update on KICS compromise
  • Wiz: Technical analysis of the Trivy compromise
  • Wiz: Analysis of the KICS GitHub Action attack
  • Socket: Compromised Trivy Docker images
  • Socket: Campaign overview across the OSS ecosystem
  • StepSecurity: Second Trivy compromise and detection details


Widespread GitHub Campaign Uses Fake VS Code Security Alerts to Deliver Malware
A large-scale phishing campaign is targeting developers directly inside GitHub, using fake Visual Studio Code security alerts posted through Discussions to trick users into installing malicious software.


Locking down AWS principal tags with RCPs and SCPs
A post explaining how to use SCPs to restrict sensitive IAM actions to tagged principals, RCPs to block unauthorized "scp-*" session tags from external/non-tagger principals, and SCPs to protect the "tagger" role itself via CloudFormation StackSets.


Threat Actors Abuse Railway.com PaaS as Microsoft 365 Token Attack Infrastructure
Railway PaaS is being weaponized as a clean token replay engine in an active AiTM and device code phishing campaign impacting 268+ M365 organizations and 100+ MSPs.


Simulating Ransomware with AWS KMS
Post that demonstrates how attackers can abuse AWS KMS by importing malicious key material to encrypt RDS/EBS resources, then deleting the material to make data inaccessible without ransom payment.   #aws   #attack


Remote Command Execution in Google Cloud with Single Directory Deletion - GMO Flatt Security Research
A race condition in Google Cloud Looker's directory deletion API allows deleting the ".git" directory while concurrent Git operations proceed, causing Git to use attacker-controlled worktree configs for RCE. Kubernetes service account misconfigurations further enabled cross-instance privilege escalation.

Sponsor

Most teams don't have JIT access. They have hope.
Shared production creds. AWS keys in files. Admin with no expiry. When something goes wrong โ€” breach, audit, or 2am incident โ€” standing access is either the cause or the thing slowing you down. Thand is a distributed, open-source JIT access platform. Deployed in minutes, no SaaS dependency, Temporal-backed, grants and revocations guaranteed. Nothing persists that shouldn't.

Try it before your next incident

Tools


snyk-linear-sync
Script to manage linear tickets for snyk issues.


agents-anywhere
Your AI agent configs, skills, and instructions on every device.


Azure-AppHunter
Helps identify excessive privileges assigned to Service Principals.


agent-skills
Official Elastic Skills.


aurelian
Open-source cloud security reconnaissance framework. You can also check out the companion blog post.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! ๐Ÿ‘Œ

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at feedback.cloudseclist.com!

Thanks,
Marco
Forward Forward
Twitter Tweet
Share Share

How did you like this issue of CloudSecList?

1       2       3       4       5

Archives View in browser Sponsorship
ยฉ 2019-present CloudSecList ยท Marco Lancini