I wrote up an analysis of the Axios compromise: securitylabs.datadoghq.com/articles/axi...
Crazy how while researchers were filing issues to report the compromise, the attacker was deleting them in real time using the maintainer's GitHub access!
Posts by Christophe Tafani-Dereeper
Yesterday, a threat actor compromised 2 versions of the LiteLLM Python package (40k stars, 3M+ weekly downloads). The malicious versions had 120k downloads before being taken down.
Full write-up: securitylabs.datadoghq.com/articles/lit...
Timeline (h/t @ramimac.me): ramimac.me/trivy-teampcp/
When an AI agent came knocking: Catching malicious contributions in Datadog’s open source repos
www.datadoghq.com/blog/enginee...
Fresh and active AWS phishing campaign with 3 main domains:
cloud-recovery[.]us
cloud-recovery[.]net
aws[.]cloud-recovery[.]us
... with hands-on-keyboard activity 20 minutes after credentials are submitted
#Podcast #Cybersécurité
Episode #534 dedicated to the "Shai-Hulud" worm, with @christophetd.fr
www.nolimitsecu.fr/shai-hulud/
The Codex version is better. The tail pointer is the defining difference — it shows a stronger understanding of linked list design. O(1) append is the whole reason you'd use a linked list over an array in many scenarios, and the Claude version gets that wrong. The Codex version is also cleaner structurally (shared nodeAt helper, no redundant initializations).
I asked Claude (Opus 4.6) and Codex (GPT-5.3) to each generate a simple LinkedList implementation in Java.
Then I asked Claude to pick the better one. No hesitation: "The Codex version is better" 🤔
gist.github.com/christophetd...
If you're using VSCode or Cursor, this is a pretty solid extension to have in your toolbox!
Decoding the GitHub recommendations for npm maintainers
securitylabs.datadoghq.com/articles/dec...
by @phrawzty.com
Investigating an adversary-in-the-middle phishing campaign targeting Microsoft 365 and Okta users
securitylabs.datadoghq.com/articles/inv...
CVE-2025-55182 (React2Shell): Remote code execution in React Server Components and Next.js
securitylabs.datadoghq.com/articles/cve...
A few days ago, a new piece of malware started spreading in npm, compromising and backdooring hundreds of legitimate npm packages and GitHub users. Read the analysis from our security research team:
securitylabs.datadoghq.com/articles/sha...
If you're in cloud security, do have a look at this piece of research I've been working on! Feedback / thoughts welcome
The EU is advancing legislation requiring all messaging platforms to scan private messages, even in encrypted apps like Signal/WhatsApp/Telegram.
600+ security researchers oppose ChatControl for being technically flawed.
Learn more about it 👉 metalhearf.fr/posts/chatco...
#ChatControl #privacy
Thanks! This was an incredibly great post
If you're into cloud security, fwd:cloudsec Europe is now live.
Schedule: fwdcloudsec.org/conference/e...
I did a bit more looking into the upcoming bitnami deprecation. The images are still getting millions of pulls a week, so depending on exactly what tags vanish next week, there could be a lot of broken deploys on the 28th!
raesene.github.io/blog/2025/08...
@micahflee.com thank you for the amazing and inspiring defcon talk
I arbitrarily picked a list of 50 talks I'm most excited about that are happening next week at DEF CON / Black Hat / BSides LV / The Diana Initiative.
I'll also add recordings/slides to this list when they become available!
Getting ready for DEF CON next week!
✅ Slides
✅ Demos
✅ Custom shirt designed for the occasion
This is dropping ed375deea6f7407d2ff9dab1cb326473 (bazaar.abuse.ch/sample/c68e4...)
credits Varun Sharma for the share on LinkedIn
Looks like the maintainer of a number of highly-popular npm packages was phished through npnjs[.]com, and his access used to publish malicious versions of their packages
x.com/JounQin/stat...
www.linkedin.com/feed/update/...
github.com/prettier/esl...
Great research, would you be able to share the sample GitHub repositories and/or their metadata? I'm working on an open-source tool and could use some additional samples!
Stratus Red Team AWS attack techniques are now mapped to the Threat Technique Catalog for AWS
Stratus Red Team AWS attack techniques: stratus-red-team.cloud/attack-techn...
Threat Technique Catalog by AWS: aws-samples.github.io/threat-techn...
The MCP spec has been updated to include security best practices
• Confused deputy
• Token passthrough
• Session hijacking
modelcontextprotocol.io/specificatio...
Solid way to start the week
👀
Happy to discuss submission ideas!
If you're a cloud practitioner based in Europe, definitely submit to fwd:cloudsec Berlin happening in September!
We're actively seeking submissions from first time speakers and non-security folks. In that case, you can submit by May 30th and get initial feedback on your submission!