This week's articles
The Danger of Multi-SSO AWS Cognito User Pools
This post explores security anti-patterns in multi-SSO AWS Cognito User Pools: ghost identity injection via misconfigured Lambda triggers, "triggerSource" blind spots, sub-splitting attacks on "event.userName", and IdP identifier hijacks. It also introduces "maSSO", a weaponized OIDC/SAML IdP for pentesting.
The (In)security Landscape of AI-Powered GitHub Actions (Part 2/2)
Wiz researchers analysed popular AI GitHub Actions (Anthropic, OpenAI, Google) and found: bot permission-check bypasses enabling untrusted external apps to trigger AI workflows, novel credential-file exfiltration vectors unrecognised by LLMs as sensitive, and widespread misconfigurations in repos with 200,000+ combined stars.
LeakyLM: AI Assistants Are Leaking Your Conversations
Research disclosing that ChatGPT, Claude, Grok, and Perplexity embed third-party trackers (Meta, Google, TikTok) that leak conversation URLs, email hashes, and user identifiers via client-side pixels and server-side forwarding, often bypassing cookie consent.
Unmasking the Docker ONBUILD Supply Chain Attack Vector
Docker's ONBUILD directive is a feature designed to reduce boilerplate in downstream images. This article demonstrates how a compromised or malicious base image can exploit ONBUILD to intercept build-time secrets, tamper with build outputs, and achieve arbitrary remote code execution during a downstream build. None of this is visible in the downstream Dockerfile itself.
Workload Identity Federation for Claude
Workload Identity Federation (WIF) lets your workloads authenticate to the Claude API using short-lived OpenID Connect (OIDC) tokens issued by an identity provider (IdP) you already operate, such as AWS IAM, Google Cloud, or any standards-compliant OIDC issuer (GitHub Actions, Kubernetes service accounts, SPIFFE, Microsoft Entra ID, or Okta, for example), instead of long-lived sk-ant-... API keys.