CramHacks Chronicles #87: Weekly Cybersecurity Newsletter!
Apple Containerization, No output from your MCP server is safe, GitHub Release Assets now have digests, 16+ npm packages compromised from leaked secrets
Hello, and Happy Monday!
I hope you’re having a great week thus far! I’ve been getting woken up every night by our cats and it has been exhausting. Not making today any easier, as I have ~5 hours of driving to do for AppSec SoCal, which is in Santa Monica.
Angular 17 reached end-of-life on May 15, 2025. Keep your applications running smoothly without rushing your migration timeline. Let us secure your open source framework and stay protected. Contact HeroDevs today.
Apple releases Containerization: run Linux containers on macOS
👋 I haven’t had a chance to play with this yet, but I love me a native experience. I think a lot of folks are right in that this will also benefit Docker and OrbStack users if and when they adopt this.
Poison everywhere: No output from your MCP server is safe
CyberArk Researcher Simcha Kosman details Tool Poisoning Attack (TPA), Full-Schema Poisoning (FSP), and Advanced Tool Poisoning Attacks (ATPA).
👋 Finding security risks in MCP Server implementations must feel a lot like finding vulnerabilities in Windows 95.
GitHub Releases now expose digests for release assets
If you’ve created a release on GitHub recently you may have noticed that assets now display their SHA256 checksums, which are generated at upload. The digests are accessible via the Releases REST API, GraphQL API, and the gh release view command.
👋 This is just one of the many milestones for the Immutable Releases project!
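As an added example (not from the newsletter or from GitHub), here is what a consumer can do with those digests: fetch the release’s asset list once, then check every downloaded asset against the recorded SHA-256 before installing it. The asset list below is a constructed sample; it assumes each asset object carries a `digest` string of the form `sha256:<hex>` (or `null` for assets uploaded before digests existed), which is how the REST API and `gh release view --json assets` are described as exposing it. Function names are my own.

```python
import hashlib
import hmac
import json

# Constructed sample shaped like the `assets` list of a release as returned by
# the Releases REST API or `gh release view --json assets`. The digest format
# "sha256:<hex>" and the null-for-legacy-assets behaviour are assumptions.
SAMPLE_ASSETS_JSON = json.dumps([
    {
        "name": "tool-1.2.3-linux-amd64.tar.gz",
        "digest": "sha256:" + hashlib.sha256(b"constructed release payload").hexdigest(),
    },
    {
        # Asset uploaded before digests were recorded: nothing to verify against.
        "name": "tool-1.2.3-legacy.zip",
        "digest": None,
    },
])


def expected_digest(assets_json, asset_name):
    """Return the hex SHA-256 recorded for `asset_name`.

    Returns None when the asset exists but has no digest; raises KeyError when
    the asset is not in the release at all; raises ValueError on a digest that
    is not a well-formed sha256 entry (so a malformed value never "passes").
    """
    for asset in json.loads(assets_json):
        if asset.get("name") != asset_name:
            continue
        digest = asset.get("digest")
        if digest is None:
            return None
        algo, _, hexdigest = digest.partition(":")
        if algo != "sha256" or len(hexdigest) != 64:
            raise ValueError(f"unsupported digest format: {digest!r}")
        return hexdigest.lower()
    raise KeyError(asset_name)


def sha256_file(path, chunk_size=1 << 20):
    """Hash a downloaded asset on disk without loading it into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_asset_bytes(asset_bytes, asset_name, assets_json):
    """Compare in-memory asset bytes to the published digest.

    Returns "verified", "mismatch", or "no-digest". A missing digest is reported
    as its own outcome rather than as success so callers can decide whether to
    fall back to another trust signal (e.g. a signature) or refuse the asset.
    """
    expected = expected_digest(assets_json, asset_name)
    if expected is None:
        return "no-digest"
    actual = hashlib.sha256(asset_bytes).hexdigest()
    # Constant-time comparison; irrelevant for hashes in practice but costs nothing.
    return "verified" if hmac.compare_digest(actual, expected) else "mismatch"


def verify_asset_file(path, asset_name, assets_json):
    """Same check for an asset already saved to disk."""
    expected = expected_digest(assets_json, asset_name)
    if expected is None:
        return "no-digest"
    return "verified" if hmac.compare_digest(sha256_file(path), expected) else "mismatch"


if __name__ == "__main__":
    name = "tool-1.2.3-linux-amd64.tar.gz"
    print(name, verify_asset_bytes(b"constructed release payload", name, SAMPLE_ASSETS_JSON))
    print(name, verify_asset_bytes(b"tampered payload", name, SAMPLE_ASSETS_JSON))
    print("tool-1.2.3-legacy.zip",
          verify_asset_bytes(b"anything", "tool-1.2.3-legacy.zip", SAMPLE_ASSETS_JSON))
```

In a real pipeline the JSON would come from `gh release view <tag> --json assets` (or the REST endpoint) fetched over TLS at a different time than the download itself, so that an attacker who can serve a modified asset must also be able to alter the release metadata GitHub records at upload.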
Aikido: 16 React Native Packages for GlueStack Backdoored Overnight
Security Researcher Charlie Eriksen details the malware injected into more than 16 npm packages which combined receive more than one million downloads per week.
👋 I poked around at this for a few minutes. My hypothesis is that the npm user gluestackadmin, who is a maintainer for each of these packages, was compromised due to a leaked secret in a GH workflow. Only hours ago, Sysdig Security Researcher Stefano Chierici opened an issue in the gluestack-ui repository, reporting a vulnerability. I was hesitant to share this, but mind you this took me <15 minutes to find myself. npm trusted publishing can’t come soon enough!!
Wiz: How We Fine-Tuned a Small Language Model for Secret Detection in Code
AI Researchers Erez Harush and Daniel Lazarev detail why and how they’ve fine-tuned a small language model (Llama 3.2 1B) for detecting secrets in code.
👋 They also gave a talk on this topic at BSides SF! It was neat to learn some of the design decisions and trade-offs. I wonder how many startups will fail because they don’t adopt or build more efficient models.
OpenAI - Disrupting malicious uses of AI: June 2025
Since OpenAI’s last report three months ago, their investigative teams have uncovered cases of ChatGPT accounts being used for social engineering, cyber espionage, deceptive employment schemes, covert influence operations, and scams. The full report details ten case studies, four of which are reported to originate from China. Each details the Actor, Behavior, Completions, and Impact of the activity.
👋 This is hilarious: “One user stated in a prompt that they worked for the Chinese Propaganda Department.” This wasn’t verified by OpenAI, but even so, it’s funny and I hope it’s legitimate.
Trump Amends Cybersecurity Executive Orders 13694 & 14144
👋 Relevant “fact sheet” — you’re on your own to read this one. It’s near impossible to know if any of this even matters, so I’m saving my breath 😅.
Until Next Time! 👋
Hey, you made it to the bottom – thanks for sticking around!
Questions, ideas, or want to chat? Slide into my inbox! 💌
Don’t hesitate to forward if someone could benefit from this.
See you next Monday!
-Kyle
P.S. CramHacks has a Supporter tier! You can upgrade here to support CramHacks and its free weekly content 😃.