newsletter

newslettersponsoredblog
newsletternewsletter
CramHacks Chronicles #82: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #82: Weekly Cybersecurity Newsletter!

Disney Hackers Get Jail Time, Maintainer Month, White House Proposes $500M CISA Cut, Trusting Russian State-Owned OSS Packages

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #81: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #81: Weekly Cybersecurity Newsletter!

MCP Servers Leaking Secrets, Backdooring more cryptocurrencies, Kali loses access to signing key, Google's 2024 Zero-Day Exploitation Analysis

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #80: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #80: Weekly Cybersecurity Newsletter!

Supply Chain Pre-RSAC Announcements, do not run any Cargo commands on untrusted projects, scanning stale branches, and more!

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #79: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #79: Weekly Cybersecurity Newsletter!

CVE Program Funding Extended, MCP Server Security, Weaponizing Code Agents, Threat Modeling GitHub, Anatomy of Malicious Open Source Packages

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #78: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #78: Weekly Cybersecurity Newsletter!

Q&A w/ Linus Torvalds, #camelgate, OSS Project for auditing GH Actions, Google announces new experimental cybersecurity model, Verizon exposed call logs

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #77: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #77: Weekly Cybersecurity Newsletter!

Compromised GitHub Actions, IngressNightmare, WIZ Vuln DB Fail, Chainguard VMs & Libraries, $3M to find suspicious open source contributors

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #74: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #74: Weekly Cybersecurity Newsletter!

Quietly load malicious vscode extensions, 2025 Open Source Security and Risk Analysis Report, Mixing up Public and Private Keys in OpenID Connect deployments, Open Source Project Security Baseline

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #73: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #73: Weekly Cybersecurity Newsletter!

The biggest supply-chain attacks in 2024, Top 10 web hacking techniques, whoAMI: A cloud image name confusion attack, Malicious Code & Vulnerabilities

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #72: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #72: Weekly Cybersecurity Newsletter!

Measuring LLM Package Hallucination, Reviving Abandoned S3 Buckets, Maven begins validating Sigstore signatures, and Go Module Proxy cache abuse

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #71: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #71: Weekly Cybersecurity Newsletter!

I have a new Job! OSS usage trends, us-east-1.com DNS insights, CVEs for EOL versions, Palantir's security practices, OSS health checks, OSV-Scanner v2.0.0-beta1

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #70: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #70: Weekly Cybersecurity Newsletter!

Executive Order 14144, Homebrew warnings, Google’s Patch Rewards, StackOverflow's decline, GitHub antics, and insights on the Cyber Resilience Act

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #69: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #69: Weekly Cybersecurity Newsletter!

Exploring OSS Vulnerabilities, Google’s OSV Growth, GitHub Actions Security, Snyk's Controversy, CNCF Fuzzing Insights, and More

Kyle Kelly