newsletter

newslettersponsoredblog
newsletternewsletter
CramHacks Chronicles #89: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #89: Weekly Cybersecurity Newsletter!

Google Donates A2A, GH Attestation OPA Gatekeeper Support, Malicious Transitive Dependencies, Kingfisher Secret Detection, Edara & Container Security

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #88: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #88: Weekly Cybersecurity Newsletter!

Docker Hub webhook security, libxml2's bug management, GerriScary's Google vulnerability, Netflix's dependency confusion, and CVE scoring

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #87: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #87: Weekly Cybersecurity Newsletter!

Apple Containerization, No output from your MCP server is safe, GitHub Release Assets now have digests, 16+ npm packages compromised from leaked secrets

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #86: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #86: Weekly Cybersecurity Newsletter!

Trusted Publishing for NPM, Likely Exploited Vulnerabilities (LEV), Correctness of SBOM Generation, Scalable Dynamic Malware Analysis for packages

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #85: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #85: Weekly Cybersecurity Newsletter!

US Government Launches Audit of NIST’s National Vulnerability Database, CycloneDX Abandons bug bounty program funded by Sovereign Tech Fund, build & deployment security

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #83: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #83: Weekly Cybersecurity Newsletter!

Exploring npm vulnerabilities, Kyverno introduces ImageValidatingPolicy, XBOW reaches Highest Rank on HackerOne Leaderboard, Ubuntu adopts sudo-rs, LlamaFirewall

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #82: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #82: Weekly Cybersecurity Newsletter!

Disney Hackers Get Jail Time, Maintainer Month, White House Proposes $500M CISA Cut, Trusting Russian State-Owned OSS Packages

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #81: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #81: Weekly Cybersecurity Newsletter!

MCP Servers Leaking Secrets, Backdooring more cryptocurrencies, Kali loses access to signing key, Google's 2024 Zero-Day Exploitation Analysis

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #80: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #80: Weekly Cybersecurity Newsletter!

Supply Chain Pre-RSAC Announcements, do not run any Cargo commands on untrusted projects, scanning stale branches, and more!

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #79: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #79: Weekly Cybersecurity Newsletter!

CVE Program Funding Extended, MCP Server Security, Weaponizing Code Agents, Threat Modeling GitHub, Anatomy of Malicious Open Source Packages

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #78: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #78: Weekly Cybersecurity Newsletter!

Q&A w/ Linus Torvalds, #camelgate, OSS Project for auditing GH Actions, Google announces new experimental cybersecurity model, Verizon exposed call logs

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #77: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #77: Weekly Cybersecurity Newsletter!

Compromised GitHub Actions, IngressNightmare, WIZ Vuln DB Fail, Chainguard VMs & Libraries, $3M to find suspicious open source contributors

Kyle Kelly