What broke.
One real technique, traced end to end. The surface that fails, not the headline.
Weekly defensive engineering for cloud, CI/CD, agents, Kubernetes, and software supply-chain security. One attack traced end to end, one detection to build, one fix worth shipping.
One real technique, traced end to end. The surface that fails, not the headline.
A detection you can stand up this week. Catches the class, not just the incident.
One defender change worth a PR before Friday. Concrete, not a roadmap.
The research and trend worth seeing before it gets loud.

A repo with nothing malicious in it still owns your laptop once a coding agent runs its setup step, reverse shell included.
Read briefing →
Attackers turn your cloud logs off, then read the same pipeline for recon. Assume your visibility has holes, then find which detection breaks.
Read briefing →
Trail of Bits walks four malicious agent skills past every commercial scanner. The agent era moves trust to both ends of the wire.
Read briefing →TeamPCP Goat: a vulnerable AWS environment with 6 supply-chain flags across 2 modules. Free, self-hosted.
Thrillers where every CloudTrail event is real. Assumed Role and Signed & Sealed. Free PDFs.
Visual explainers on real cloud-security attacks. Episode 01: The TanStack Heist.
One real attack, walked to the defender move. Reply-friendly.