CramHacks Chronicles #94: Weekly Cybersecurity Newsletter!

Hello, and Happy Monday!

The grind continues, but will come to a halt starting tomorrow 🥲. Looking forward to some PTO before DEF CON to relax.

No CramHacks next week; see y’all at or post-Vegas! Stop by AppSec Village and catch my talk Friday morning 😁.

Newsletter

Trail of Bits: We built the security layer MCP always needed
The project, mcp-context-protector, is a security wrapper for LLM apps using the Model Context Protocol (MCP). The primary goal here is to protect the LLM’s context window which is susceptible to attacks such as line jumping, also known as tool poisoning.

Line jumping occurs when an app prompts an MCP server for its tool descriptions. The descriptions are added to the model’s context window and are therefore ripe for prompt injection.

The Denylist Delusion: Cursor’s Auto-Run Leaves Agentic AI Wide Open
“we quickly realized that the denylist security feature, at least as currently implemented, was woefully inadequate, if not outright worthless.” Backslash Security Researchers Mustafa Naamneh and Micah Gold detail trivial methods for evading Cursor’s denylist feature.

Case Study: Google Secures Machine Learning Models with sigstore
Following last month’s announcement revealing the OpenSSF Model Signing (OMS) Specification, it has now been integrated into NVIDIA’s NGC and Google’s Kaggle. This means models can be signed during upload and verified at each use!

👋 I’m glad to see this for a multitude of reasons. Firstly, model tampering and untrusted provenance of models is not something we should just ignore. Secondly, we’re still relatively early in the model hub universe — could this become a requirement for major model hubs? 🤞 Thirdly, it’s just great to see how the community doesn’t want to repeat the same mistakes. We’ve spun up countless package ecosystems, we need to apply our lessons-learned to future ones!

The CISA SBOM Community is shutting down
Allan Friedman has announced his departure from CISA where he has led CISA’s efforts to advance SBOM around the globe. To most in this space, Allan and SBOMs are synonymous. He has been instrumental for building communities, spreading awareness, and bettering how we all handle software transparency. Thank you Allan for all that you’ve done! I look forward to seeing what’s next for you.

HeroDevs Announces $125 Million Strategic Growth Investment from PSG
HeroDevs has secured $125M in private equity funding to focus on growth. In addition, HeroDevs has announced that they’ve dedicated $20 million of capital towards its Open Source Sustainability Fund.

👋 The Open Source Sustainability Fund is interesting. Yes, it does put money in the pockets of open source maintainers, that’s great. But it sure seems like this is primarily a way to incentivize OSS maintainers to create customers for HeroDevs by better disclosing project versions as EoL. It’s not clear, but I suspect they also uses this fund and their relations from the fund to better support EoL versions, which is their product. I’m not familiar with the tax code, but could this maybe be a clever way to write off a chunk of the work required to offer their services?

Seal Security raises $13M Series A to automate open-source vulnerability fixes
👋 Congrats to Seal Security. I frankly don’t think vulnerabilities alone is a good enough reason to use vendor-managed OSS packages. But there seems to be a market for it.

CodeQL support for Rust now in public preview
Support for .rs, Cargo.toml extensions. Requires rustup and cargo to be installed.

CVE analytics from 1999 to 2025
👋 Jerry Gamblin has given his passion project, cve.icu, a makeover, and I love it! Every time I look at these analytics I learn something new about the CVE Program.

Until Next Time! 👋

Hey, you made it to the bottom – thanks for sticking around!

Questions, ideas, or want to chat? Slide into my inbox! 💌

Don’t hesitate to forward if someone could benefit from this.

See you next Monday!
-Kyle

P.S. CramHacks has a Supporter tier! You can upgrade here to support CramHacks and its free weekly content 😃.