tl;dr sec

tl;dr sec
Topics
Newsletter

[tl;dr sec] #297 - Self-Propagating NPM Malware, Securely Deploying AI Agents, China's Great Firewall Leaked

Moar backdoored NPM packages (+ how to secure GitHub Actions), agents making sensitive decisions autonomously, source code and internal docs for China's Great Firewall leaked

Clint Gibler

NewsletterNewsletter

Sep 11, 2025

[tl;dr sec] #296 - AI Automates CVE -> Exploit, Apple Defeats Memory Corruption, Moar NPM Backdoors

AI auto-generating exploits from CVEs for $3, not actually but Memory Integrity Enforcement makes it harder, surprisingly NPM packages were backdoored

Clint Gibler

NewsletterNewsletter

Sep 04, 2025

[tl;dr sec] #295 - AI Code Analysis, AWS Detection Engineering, Anthropic Threat Intel Report

Using AI to find vulnerabilities in code, mastering AWS logs for detection engineering, how threat actors are misusing Claude (#4 will surprise you)

Clint Gibler

NewsletterNewsletter

Aug 28, 2025

[tl;dr sec] #294 - Nx Backdoored, AI-powered Ransomware, PhrackCTF

Nx malware uses AI CLIs to find secrets, ESET discovers malware sample leveraging OpenAI's OSS model, binary exploitation CTF for Phrack's 40th

Clint Gibler

NewsletterNewsletter

Aug 21, 2025

[tl;dr sec] #293 - MCP Security, AWS Enumeration, North Korean Hacker's Files Leaked

Critical vulnerabilities in MCPs, stealthily enumerating AWS resources, a North Korean government hacker's computer was pwned, backdoors & campaigns leaked

Clint Gibler

NewsletterNewsletter

Aug 14, 2025

[tl;dr sec] #292- HTTP/1.1 must die, AI + SAST, Google's Insider Threat Detection Tool

James Kettle argues HTTP/1.1 can never be fully secured, augmenting static analysis with LLMs, Google's talk + OSS tool for detecting malicious insiders

Clint Gibler

NewsletterNewsletter

Aug 07, 2025

[tl;dr sec] #291 - Build a GuardDuty Triage Agent, Scaling Netflix's Threat Detection Pipelines, Claude for Security Review

How to build an AI agent that triages GuardDuty alerts, lessons learned scaling Netflix's detection pipelines, Anthropic releases a slash command and GitHub Action for performing secure code review

Clint Gibler

NewsletterNewsletter

Jul 31, 2025

[tl;dr sec] #290 - Securing MCP, AppSec Archetypes, CISO's Guide to Protecting Crown Jewels

Tools to scan MCP servers and an MCP WAF, 4 AppSec archetypes, how to strategically protect your org with limited resources

Clint Gibler

NewsletterNewsletter

Jul 24, 2025

[tl;dr sec] #289 - AI-powered Fuzzing, Incentives in Security, Malware in DNS

Automatically generating fuzzing harnesses and vulnerability proof-of-concepts, 5 incentives security programs should pursue, it's always DNS

Clint Gibler

NewsletterNewsletter

Jul 17, 2025

[tl;dr sec] #288 - Prompt Injection in Malware, Preventative Security, Top Bug Bounty War Stories

Checkpoint finds malware containing prompt injection, why preventative security is hard, @Rhynorater talk sharing 11 of his most impactful and technically challenging vulnerabilities

Clint Gibler

NewsletterNewsletter

Jul 10, 2025

[tl;dr sec] #287 - fwd:cloudsec Talk Recordings, How Figma Only Runs Approved Software, Auditing Code with AI

45 excellent cloud security talks, how Figma rolled out the binary authorization tool Santa, AI bug finding tools and paper

Clint Gibler

NewsletterNewsletter

Jul 03, 2025

[tl;dr sec] #286 - Securing Vibe Coding, Finding Secrets "Oops Commits", Backdooring IDE Extensions

Rules files to vibe securely, earning $25K from dangling commits, compromising the extension marketplace of Cursor, Windsurf, and other VS Code forks

Clint Gibler