Full Disclosure: A Third (and Fourth) Azure Sign-In Log Bypass Found

trustedsec.com/blog/full-di...

RCA

Stardrop Supply Chain Attack Targets Venture Capital Firms, Luxury Brands, and AI Companies A threat actor has been deploying dozens of malicious packages to NPM targeting AI companies, luxury brands, and venture capital virms. These packages drop a new malware straing that impersonates an ...

opensourcemalware.com/blog/stardro...

Microsoft wants to make service mesh invisible How Microsoft is rethinking service mesh with Azure Kubernetes Application Network, built on Istio ambient mode to simplify operations, enable mTLS by default, and support emerging AI workload demands...

thenewstack.io/microsoft-wa...

Foundry Local is now Generally Available | Microsoft Foundry Blog Ship local AI to millions of devices - fast, private on-device inference with no per-token costs.

devblogs.microsoft.com/foundry/foun...

Lab Space The landing page for agile CSA community projects

labs.cloudsecurityalliance.org/mythos-ciso/

red.anthropic.com/2026/mythos-...

Project Glasswing: Securing critical software for the AI era A new initiative to secure the world’s most critical software and give defenders a durable advantage in the coming AI-driven era of cybersecurity.

www.anthropic.com/glasswing

adversa.ai/blog/claude-...

frday deployment to avoid

STARDUST CHOLLIMA Likely Compromises Axios npm Package STARDUST CHOLLIMA has likely compromised Axios Note Package Manager (npm) Package with stolen manager credentials. Learn more.

www.crowdstrike.com/en-us/blog/s...

Public Container Registry Risks 2026: Malicious Images & Mitigation | Qualys Public container registries (Docker Hub, ECR Public) are silent risk multipliers in 2026 — crypto mining, malware, typo-squatting in images. Qualys TotalCloud scans registries, detects malware/secrets...

blog.qualys.com/product-tech...

Streamline your Amazon EKS deployments with Gateway API support for AWS Load Balancer Controller and Amazon VPC Lattice | Amazon Web Services Building on the recent announcement of Gateway API support in AWS Load Balancer Controller, in this post we demonstrate a practical architecture that uses both controllers through a single API specifi...

aws.amazon.com/blogs/networ... cool

The AI job boom is here. Are you ready to showcase your skills? | Microsoft Community Hub AI isn’t just changing jobs descriptions, it’s redefining how work gets done across every industry, role, and skill level. From marketing to manufacturing,...

techcommunity.microsoft.com/blog/skills-...

Security Notice: Impact of CVE-2026-33634 on ownCloud Build Infrastructure - ownCloud On March 19, 2026, a critical supply chain attack compromised Aqua Security’s Trivy vulnerability scanner (CVE-2026-33634, CVSS 9.4). This attack affected

owncloud.com/security-adv...

OpenAI Codex Command Injection Vulnerability Exposes… | BeyondTrust BeyondTrust Phantom Labs reveals a critical command injection vulnerability in OpenAI Codex. Learn how malicious GitHub branch names enable OAuth token…

www.beyondtrust.com/blog/entry/o...

TeamPCP's Telnyx Windows Malware: Technical Analysis | OX Security OX Security analyzes TeamPCP’s Telnyx malware—multi-stage payloads, steganography, C2 comms, and credential theft impacting Windows systems.

www.ox.security/blog/teampcp...

Announcing public preview: Cilium mTLS encryption for Azure Kubernetes Service | Microsoft Community Hub We are thrilled to announce the public preview of Cilium mTLS encryption in Azure Kubernetes Service (AKS), delivered as part of Advanced...

nice techcommunity.microsoft.com/blog/azurene...

Detecting supply chain attacks at scale with Deep Search | Sourcegraph Blog Poisoned LiteLLM packages on PyPI started stealing credentials. Using Deep Search and Code Search, we traced which public repos were protected by version pinning and which were left exposed. Here's ho...

sourcegraph.com/blog/detecti...

GitHub - alegrey91/vex8s: Suppress vulnerabilities applying Kubernetes context to scans Suppress vulnerabilities applying Kubernetes context to scans - alegrey91/vex8s

github.com/alegrey91/ve... nice 1 but using trivy🤞

GitHub - GoogleCloudPlatform/buildpack-samples Contribute to GoogleCloudPlatform/buildpack-samples development by creating an account on GitHub.

github.com/GoogleCloudP... 👍