This week's articles
Slack AI: The Path to Multi-Cloud
Slack AI evolved over four phases from AWS SageMaker to Amazon Bedrock (provisioned then on-demand) and finally GCP Vertex AI, building an intelligent multi-cloud routing layer with circuit breakers, A/B testing, and hybrid provisioning to ensure resilience, model-best-fit, and zero provider lock-in.
The sorry state of skill distribution
Trail of Bits bypassed malicious skill scanners from ClawHub, Cisco, and skills.sh using simple techniques: newline padding, .pyc bytecode poisoning, .docx indirection, and prompt injection. Existing scanners are structurally broken; organizations should use curated, trusted skill sources instead.
ChatGPhish: The Page Is the Payload
Any web page a victim asks ChatGPT to summarize can become a phishing payload. P0 Labs research reveals a Markdown rendering vulnerability in ChatGPT's response UI.
Hidden Gaps in Claude Code Security Reviews
Claude Code's /security-review is vulnerable to model anchoring bias when run in the same session that wrote the code. A new diff-scoped plugin avoids this but misses cross-commit vulnerability chains where each individual change appears benign in isolation.
1-Click GitHub Token Stealing via a VSCode Bug
A VSCode bug allows stealing GitHub OAuth tokens via a malicious repo opened in github.dev. JavaScript in a Jupyter notebook webview abuses postMessage keydown forwarding to install a local workspace extension, which exfiltrates the token granting full repo access.
|