> BRIEFINGS
Weekly Recon.
Every issue, indexed. Pick a Tuesday.
- #009 Untrusted by Invitation. Trail of Bits walks four malicious agent skills past every scanner (ClawHub, Cisco, skills.sh) · Defender: the Agents Rule of Two (Meta / Microsoft) · Agent Bench: make three models argue · Reco's LLM agent finds SOQL injection in Salesforce on its own · Recon Roles: Dropbox (US + Canada) + GitLab (India). Shipped 2026-06-16
- #008 Borrowed Trust. RyotaK poisons Anthropic's official Claude Code Action via a GitHub issue · Falco Prempti gates coding-agent tool calls · Agent Bench dependency audit + zero-width Unicode grep · Qualys HazyBeacon Lambda URL C2 · Recon Roles: Tailscale (US + Canada). Shipped 2026-06-09
- #007 Machine Speed. Sysdig AI agent drives a 4-pivot intrusion · StepSecurity Megalodon backdoors 5,561 repos via `id-token: write` · StepSecurity Nx Console extension harvests `~/.claude` creds · Kubernetes corrects records for three unfixable CVEs. Shipped 2026-06-02
- #006 False Assurance. Laravel-Lang Composer tag rewrite · AWS CIRT LeaveOrganization SCP escape · Sysdig Azure VMAccess detection gaps · Wiz Fragnesia kernel LPE · Langflow returns to CISA KEV · Chris Farris on the Security Valley of Death. Shipped 2026-05-26
- #005 Hijacked Execution Context. Mini Shai-Hulud / TanStack worm + OpenAI breach · Microsoft MCP misconfigs · Datadog malicious coding-agent skills · SpecterOps Dev Tunnels as C2 · Fog Security Amazon Quick bypass. Shipped 2026-05-19
- #004 The patch window closed. The registry pushed back. Sysdig LiteLLM 36h weaponization · pnpm 11 supply-chain defaults · Push Vercel OAuth chain · GitGuardian Markov LLM passwords. Shipped 2026-05-12
- #003 AuthZ said deny. The parser said yes. Docker AuthZ bypass · AWS forensic S3 framework · Synacktiv K8s forensics · Kubernetes 1.36. Shipped 2026-05-05
- #002 The identity acting is not the identity you think. Claude Code skill hijack · Dependabot auto-merge · MCP per-tool STS scoping. Shipped 2026-04-28
- #001 The agent runs under its own AWS role, not yours. Bedrock AgentCore God Mode · SandyClaw · 2026 Threat Detection Report. Shipped 2026-04-21