CramHacks

CramHacks
Topics
newsletter

CramHacks Chronicles #81: Weekly Cybersecurity Newsletter!

MCP Servers Leaking Secrets, Backdooring more cryptocurrencies, Kali loses access to signing key, Google's 2024 Zero-Day Exploitation Analysis

Kyle Kelly

newsletternewsletter

Apr 23, 2025

CramHacks Chronicles #80: Weekly Cybersecurity Newsletter!

Supply Chain Pre-RSAC Announcements, do not run any Cargo commands on untrusted projects, scanning stale branches, and more!

Kyle Kelly

newsletternewsletter

Apr 16, 2025

CramHacks Chronicles #79: Weekly Cybersecurity Newsletter!

CVE Program Funding Extended, MCP Server Security, Weaponizing Code Agents, Threat Modeling GitHub, Anatomy of Malicious Open Source Packages

Kyle Kelly

newsletternewsletter

Apr 02, 2025

CramHacks Chronicles #77: Weekly Cybersecurity Newsletter!

Compromised GitHub Actions, IngressNightmare, WIZ Vuln DB Fail, Chainguard VMs & Libraries, $3M to find suspicious open source contributors

Kyle Kelly

newsletternewsletter

Mar 05, 2025

CramHacks Chronicles #74: Weekly Cybersecurity Newsletter!

Quietly load malicious vscode extensions, 2025 Open Source Security and Risk Analysis Report, Mixing up Public and Private Keys in OpenID Connect deployments, Open Source Project Security Baseline

Kyle Kelly

newsletternewsletter

Feb 19, 2025

CramHacks Chronicles #73: Weekly Cybersecurity Newsletter!

The biggest supply-chain attacks in 2024, Top 10 web hacking techniques, whoAMI: A cloud image name confusion attack, Malicious Code & Vulnerabilities

Kyle Kelly

newsletternewsletter

Feb 05, 2025

CramHacks Chronicles #72: Weekly Cybersecurity Newsletter!

Measuring LLM Package Hallucination, Reviving Abandoned S3 Buckets, Maven begins validating Sigstore signatures, and Go Module Proxy cache abuse

Kyle Kelly

newsletternewsletter

Jan 29, 2025

CramHacks Chronicles #71: Weekly Cybersecurity Newsletter!

I have a new Job! OSS usage trends, us-east-1.com DNS insights, CVEs for EOL versions, Palantir's security practices, OSS health checks, OSV-Scanner v2.0.0-beta1

Kyle Kelly

newsletternewsletter

Jan 22, 2025

CramHacks Chronicles #70: Weekly Cybersecurity Newsletter!

Executive Order 14144, Homebrew warnings, Google’s Patch Rewards, StackOverflow's decline, GitHub antics, and insights on the Cyber Resilience Act

Kyle Kelly

newsletternewsletter

Jan 15, 2025

CramHacks Chronicles #69: Weekly Cybersecurity Newsletter!

Exploring OSS Vulnerabilities, Google’s OSV Growth, GitHub Actions Security, Snyk's Controversy, CNCF Fuzzing Insights, and More

Kyle Kelly

newsletternewsletter

Jan 01, 2025

CramHacks Chronicles #67: Weekly Cybersecurity Newsletter!

Happy New Year! GitHub Cache-Native Malware, Hijacking Chrome Extensions, 2024 Blog Recap, Microsoft using third-party domains

Kyle Kelly

newsletternewsletter

Dec 18, 2024

CramHacks Chronicles #66: Weekly Cybersecurity Newsletter!

GitHub tackles workflow vulnerabilities, finding undisclosed vulnerabilities using LLMs, container image signing, chasing quality OSS license data, OSS funding report

Kyle Kelly