🎭️ Backstage Tour

Last weekend one of the primary San Francisco theaters (the Orpheum) had an open house where you could go on the stage, backstage, everywhere. It was awesome 😍 

There was a magical moment of standing on the stage, and then seeing them raise the curtain.

I went downstairs backstage and saw the electronics/lighting room, stood in the pit where the orchestra plays, saw the (surprisingly small) dressing rooms with the mirrors, and more.

Some fun facts I learned:

• Everything you need to put on a given musical travels with the show in shipping trucks, including all of the set pieces, costumes, props, lighting, etc.

• For “smaller shows” that are maybe ~7-12 trucks worth, they arrive at a new venue at say 8am, the crew rapidly sets everything up, breaks for dinner at 5pm, then puts on the first show at 7pm that night 🤯 

• ~60-80% of the behind the scenes folks are local to that theater, and they don’t know the show at all yet opening night. So there’s a handful of folks traveling with the show who are orchestrating everything so it’s set up properly.

• The folks on lights have ear pieces, and while they’re learning a new show they may just get guidance from the stage manager like, “OK your next cue is you’re going to pick up stage right a man in blue clothing, 50% brightness, these light settings.” But they don’t know which character it is so they’re just kinda guessing at first.

• Actors often change in almost pitch darkness (except for some lighting they wear around their head) so the light doesn’t bleed on to the stage.

I also saw a “quick change” demo. Sometimes actors only have a few moments to change, so they did a demo of a <1 minute wardrobe change.

There’s actually a ton of prep and thoughtfulness that goes into orchestrating a quick change: how the pants or dress are “pooled” on the ground so you can just step in, how the boots are positioned so they don’t catch on the clothes, how the top layers are laid down to minimize rotation and movement when putting them on, and how there can be one (or more) wardrobe people helping the actors put everything on. Whoa.

Meanwhile, I put on my own clothes like a plebe.

As you might suspect, cybersecurity is just my bridge career, until I get into the stable, lucrative theater or screen industries 👨‍🎤 

Sponsor

📣 Secure Coding from Design to Deployment

Secure coding starts long before production. 

Modern applications move fast, which means security needs to be built in from the start, not added later. From API design to input handling and access control, early decisions have a big impact on reducing risk.

The Secure Coding Best Practices Cheat Sheet covers key areas like secure design foundations, strong authentication and authorization, input validation, and preventing common vulnerabilities such as XSS, SQL injection, and broken access control.

Reduce risk early with practical secure coding and design best practices.

👉 Get the Cheat Sheet 👈

AppSec

• Turn meetings into tangible products - Scott has an AI notetaker in meetings, which he can then use a prompt to turn that into a PRD which his agents can then start building immediately after the meeting.

• Turn memos into implementations - “When I think of defaulting to writing something down, or someone shares a strategy doc, problem statement, idea, etc., I immediately ask Claude, “Let's take the relevant part of this and turn it into an implementation.”

Sponsor

📣 Cybercrime Just Hit Escape Velocity (Here’s the Evidence)

Flashpoint just released its 2026 Global Threat Intelligence Report, and the data is shocking.

• AI-related illicit activity surged 1,500% in a single month

• 3.3B compromised credentials are now fueling identity-based attacks

• Ransomware incidents increased 53% as groups pivot toward pure-play extortion

The report also explores how threat actors are moving from generative tools to agentic AI frameworks that can automate attacks at scale.

👉 View Report 👈

Whoa, that’s some huge growth. Also, I’m curious to learn more about how threat actors are adopting autonomous agents 😅 

Cloud Security

Fighting Eventual Consistency-Based Persistence - An Analysis of notyet
Sonrai Security's Nigel Sood describes his red-blue collaboration with OFFENSAI’s Eduard Agavriloae on notyet (referenced in last week’s issue), an open-source tool that exploits AWS IAM's eventual consistency propagation window to automatically maintain admin persistence by detecting and reversing containment actions within seconds.

Nigel tested nearly a dozen IR techniques against notyet and found that standard AWS-recommended containment methods, including inline policy deletion/modification, managed policy attachments, permission boundaries, group membership changes, access key deactivation, role deletion, and SSM runbooks like AWSSupport-ContainIAMPrincipal, were all ineffective as notyet detected and reversed them within the consistency window. Only Service Control Policies (SCPs) successfully contained notyet, as member account identities cannot modify SCP attachments even with * permissions.

Part 2: AWS CodeBuild (Escalating Privileges via AWS CodeConnections)
Thomas Preece discovered that from an unprivileged AWS CodeBuild job using CodeConnections, you can call an undocumented API to retrieve raw GitHub App tokens or BitBucket JWT App tokens with the full permissions of the installed CodeConnection App. The app generally has read, write and admin permissions on all repos under your organization. See AWS-CodeBuild-HTTP-Intercept-Image for a container image for CodeBuild that allows you to get network monitoring in place before CodeBuild starts your build.

So basically your CodeConnection setup could mean you are one breached build job away from having every repo in your organization compromised 😅 AWS are not planning to fix this issue as they say CodeBuild is a "trusted environment."

💡 Great detailed write-up and walk through of examining how a third party system works internally 👍️ 

Supply Chain

Primer on GitHub Actions Security - Threat Model, Attacks and Defenses
Wiz’s Shay Berkovich describes the GitHub Actions threat model, three main risks (Pull Request pwnage, script injection, 3rd party components), and a defensive playbook.

The post discusses 8 dangerous triggers (including pull_request_target), how script injection occurs when untrusted inputs like branch names or issue titles are directly embedded in bash commands without environment variable binding, and how compromised third-party actions cascade through dependency chains, like when attackers sequentially compromised four Actions to reach Coinbase.

“High-value targets including Sentry, OpenSearch, IPFS, NixOS, Jina AI, and recharts all successfully blocked the attack through a combination of first-time contributor approval gates, actor-restricted workflows, and path-based trigger conditions.”

Blue Team

MITRE Fight Fraud Framework
MITRE has released the Fight Fraud Framework™️ (F3), a free, open knowledge base documenting tactics and techniques used by financial fraud actors based on real-world cyber fraud incidents. The framework maps fraud-specific behaviors and references applicable MITRE ATT&CK techniques where relevant, providing a common taxonomy for describing fraud incidents.

YARAHQ/yara-rule-skill
By Florian Roth and Thomas Roccia: An LLM Agent Skill for expert YARA rule authoring, review, and optimization. Embeds industry best practices from the creator of YARA-Forge and yaraQA into your AI assistant's context. It enables natural language rule writing, review, and optimization.

Little Snitch for Linux
Little Snitch for Linux (GitHub) uses eBPF to monitor and control outgoing network connections, providing a web UI that shows which applications are connecting to which servers, with support for custom rules and automatic blocklist updates. The tool can filter by process, port, and protocol, displays traffic history and data volumes, and accepts blocklists in formats like domain-per-line, /etc/hosts, and CIDR ranges.

Red Team

Building Agentic C2 with Computer Use Agents
BeyondTrust’s Ryan Hausknecht describes a proof-of-concept command-and-control (C2) architecture using Claude's computer use capability, where a C# implant on the target endpoint executes AI-driven actions via Windows APIs (SetCursorPos, SendInput) or pyautogui. To avoid direct connections to Anthropic's API, Ryan used Azure Storage blobs as a dead drop for command polling and Azure Function Apps as a proxy to append API keys, ensuring all traffic appears to originate from Azure.

Claude takes screenshots to determine screen resolution and element positioning, then issues click and keypress commands that flow through the function app back to the implant. This architecture keeps API keys off the endpoint and makes network traffic blend in with normal Azure communications.

Janus: Listen to Your Logs
SpecterOps's Gavin Kramer introduces Janus, an open-source tool that parses C2 logs from Mythic, Cobalt Strike, and Ghostwriter to surface operational friction like failed commands, retries, and tool failures that typically get lost in deleted logs. Janus shows your team where your tooling breaks, where operators lose time, and what you could automate next.

Janus helps them understand:

• Which tools should be updated vs. retired

• When and why tool failures occur

• Which techniques are being improvised due to missing capabilities

• What arguments caused a Beacon object file (BOF) to crash an agent

• What command ran before a callback stopped checking in

• What activity later correlated with detection or prevention

“Janus gives leadership the data layer that has been missing, and it answers:”

• How much time (and therefore cost) is lost to tool failures, retries, and operator workarounds

• Which parts of the engagement hold the most variability in timelines and delivery?

• Where are we paying an “efficiency tax” due to unreliable tooling?

AI + Security

Trusted access for the next era of cyber defense
OpenAI is scaling their Trusted Access for Cyber (TAC) program to thousands of verified defenders and launching GPT-5.4-Cyber, a fine-tuned variant of GPT-5.4 with reduced refusals for cybersecurity tasks and new binary reverse engineering capabilities. OpenAI is using strong Know Your Customer (KYC) and identity verification to limit advanced capabilities to trusted parties, and is giving targeted grants⁠, contributing to open-source security initiatives⁠, and investing in Codex Security⁠ to help defenders more rapidly find and patch vulnerabilities.

💡 Perhaps GPT-5.4-Cyber should have been the name for their erotica chatbot 🤔 Jokes aside, it’s great to see OpenAI investing in securing the software ecosystem, supporting defenders, and releasing higher capability models carefully.

The “AI Vulnerability Storm”: Building a “Mythos-ready” Security Program
New ~30 page Cloud Security Alliance whitepaper from Gadi Evron, Rich Mogull, Robert T. Lee, and a huge list of other contributors authors. A briefing for security leaders on how AI-driven vulnerability discovery is reshaping the defender timeline, the operating model of vulnerability management, and the minimum actions required now. Nice overview of recent events and important things to consider for your security program. See:

• p15 - 10 Questions to Understand Your Security Program State and Influence

• p16 - A Mythos-ready Security Program Risk Register

• p19 - Priority Actions for a Mythos-ready Security Program

4x Velocity, 10x Vulnerabilities: AI Coding Assistants Are Shipping More Risks
Apiiro’s Itay Nussbaum shares results from analyzing the impact of AI coding assistants across tens of thousands of repositories in Fortune 50 orgs. They found AI-assisted developers produced 3-4x more commits, but they were packaged into fewer PRs. By June 2025, AI-generated code was introducing over 10,000 new security findings per month across the repos in their study, a 10x spike in just six months compared to December 2024.

Interestingly, the types of flaws introduced by AI are different, for example, privilege escalation paths jumped 322%, and architectural design flaws spiked 153% (I’d like to know more about these are defined/measured).

💡 Long term I believe coding agents + security orchestration around them will make code more, not less secure, but it’s great to see some stats and investigation on the challenges we’re facing now.

Misc

Misc

• Mina Le - the myth of the "pilates body" - Interesting history around the origins of pilates, barre, Jazzercise, societal expectations, and more.

• Game Changer - Who can perform the most impressive magic trick?

• FBI Recovers Deleted Signal Messages Through iPhone Notifications - How to protect yourself: On your iPhone, go to notification settings for Signal and set Show Previews to Never. Then open the Signal app, go to Settings > Notifications > Notification Content, and select No Name or Content.

• Dr. Mike - Peptides: The Most Overhyped Trend in Fitness?

• Bryan Johnson - Before you take peptides, know this

• Gabi Belle - The Problem with Autotune on TikTok

• Harry Potter by Balenciaga - Outstanding 😂 

• The Primeagen - I made a music video and I'm not sorry - “Yacht problems” 😂 

AI

• The Verge - Read OpenAI’s latest internal memo about beating the competition — including Anthropic

• 20VC with Harry Stebbings - Demis Hassabis: Why AGI is Bigger than the Industrial Revolution & Where Are The Bottlenecks in AI

• Alex Kantrowitz - OpenAI President Greg Brockman: AI Self-Improvement, The Superapp Bet, Path To AGI, Scaling Compute

• Lenny’s Podcast - How to be a CEO when AI breaks all the old playbooks | Sequoia CEO Coach Brian Halligan

• Every - How to Build an Agent-native Product | Mike Krieger

• Anthropic - Automate work with routines - Define routines that run on a schedule, trigger on API calls, or react to GitHub events from Anthropic-managed cloud infrastructure.

• Google - Turn your best AI prompts into one-click tools in Chrome

• China’s AI Companies Are Going Closed Source due to funding constraints. The Chinese government continues using "open source" as political rhetoric in policy documents without providing the billions needed to subsidize actual open model development. The funding reality means Chinese labs can't afford to burn tens of billions on 1GW clusters like American competitors, forcing them to monetize through closed models while potentially releasing smaller open models for overseas marketing and robotics use cases.

• OpenAI, Anthropic, Google unite to combat model copying in China

Politics

• Crypto currency industry bribing donating to politicians

• Ukraine tips drone war in its favor - “Starting from December, our unmanned systems units have neutralized more enemy personnel than they recruit to their ranks.”

• How Trump Took the U.S. to War With Iran - Israel’s Netanyahu made the hard sell. The CIA director described the Israeli prime minister’s regime change scenarios as “farcical.” Tucker Carlson warned Trump that a war with Iran would destroy his presidency. “I know you’re worried about it, but it’s going to be OK,” the president said. Mr. Carlson asked how he knew. “Because it always is.”

  • “Everyone deferred to the president’s instincts. They had seen him make bold decisions, take on unfathomable risks and somehow come out on top. No one would impede him now.”

• Civilization Is Not the Default. Violence Is. - On feudalism, Pax Americana and the changing world order.

• US ban on Chinese fixed spy cameras led to a rising drone threat - “The rise of drone security incidents corresponds almost exactly to the US 2019 ban on Chinese cameras at American military bases.”

• Steve Blank - Nowhere is Safe - “The U.S. has discovered that 1) air superiority and missile defense systems designed to counter tens or hundreds of aircraft and missiles is insufficient against asymmetric attacks of thousands of drones. And that 2) undefended high value fixed civilian infrastructure – oil tankers, data centers, desalination plants, oil refineries, energy nodes, factories, et al -are all at risk…the lessons from Iran’s attacks on infrastructure in the Gulf Cooperation Council countries is that anything on the surface is going to be a target.”

✉️ Wrapping Up

Have questions, comments, or feedback? Just reply directly, I’d love to hear from you.

If you find this newsletter useful and know other people who would too, I'd really appreciate if you'd forward it to them 🙏

Thanks for reading!

Cheers,
Clint

P.S. Feel free to connect with me on LinkedIn 👋