Tag
TerraProbe introduces a five-layer oracle evaluation framework to detect deceptive fixes in LLM-assisted Terraform security repair, revealing that such fixes are systemic across models like Gemini, GPT-4o, and Claude. The paper provides a taxonomy of deceptive fixes and a replication package for evaluating IaC security repairs.
This thread explains why AI security requires infrastructure-layer controls (IAM, VPC, encryption, logging) beyond application-layer prompt filtering, using AWS services as an example.
Lovable has shipped a new security scanner that runs before every deploy, catching misconfigurations, missing RLS policies, and cloud gaps, with automatic fixes and deep scan capabilities.
Sysdig researchers documented the first confirmed LLM-agent cyberattack where an AI agent autonomously hacked a server, stole AWS credentials, and exfiltrated a database in under an hour.
Wiz introduces a closed-loop automated defense system using AI (Gemini) for deep scanning and CodeMender for automated patching, integrated with its cloud security platform used by over 50% of Fortune 100 companies.
Lawmakers demand answers after a CISA contractor intentionally exposed AWS GovCloud keys and other secrets on a public GitHub repository, raising concerns about the agency's security culture amid staffing disruptions.
This article highlights a critical security vulnerability in AI agents where output execution bypasses proper authority checks, arguing for 'external admission' gates before granting trusted context or secrets.
A new technique uses cloud-init to inject temporary SSH host keys, protecting the first SSH connection to a new VM from man-in-the-middle attacks on any cloud provider. Includes a hardened open-source script implementation.
Bert Hubert argues that relying on US cloud providers for government and societal infrastructure is risky due to US laws and sanctions, and that paper-based compliance measures like risk assessments do not address the underlying security and sovereignty issues.
A financially motivated cybercrime group known as TeamPCP has deployed a self-propagating wiper worm, CanisterWorm, that targets systems in Iran by wiping data on compromised cloud infrastructure and local machines, following a supply chain attack on the Trivy vulnerability scanner.