tl;dr sec

Newsletter

[tl;dr sec] #303 - MCP Security Scanners, Attacking GitLab CI/CD, AI SOC Benchmarks
1 hour ago

Tools to scan MCPs for vulnerabilities, attacking self-hosted GitLab instance runners, benchmarks measuring the performance of AI's SOC and CTI capabilities

Clint Gibler
[tl;dr sec] #302 - LLM Honeypot Catches Threat Actor, Supply Chain Compromise Survey, AI-powered Malware
Oct 23, 2025

Deceiving attackers with an LLM SSH honeypot, root cause analysis of 2024/2025 supply chain compromises, malware leveraging AI for stealth/better effectiveness

Clint Gibler
[tl;dr sec] #301 - Security Leadership Master Class, DEF CON Cloud Village Talks, AI-Powered Honeypot
Oct 16, 2025

Guide to being an effective security leader, 25 talks on cloud, k8s and AI, auto-generating vulnerable honeypots

Clint Gibler
[tl;dr sec] #300 - Security Headcount Ratios + Hiring Plan, MCP Security, Compliance
Oct 09, 2025

Plus my reflections on writing 300 issues and seeing Semgrep growing up

Clint Gibler
[tl;dr sec] #299 - The Security Engineer's Guide to MCP, IAM Hound Dog, IMDS Anomaly Detection
Oct 02, 2025

Quickly get up to speed in MCP security, tool to identify privilege escalation in AWS, find 0days and attackers via anomalous IMDS calls

Clint Gibler
[tl;dr sec] #298 - Good CISO / Bad CISO, AWS Infra Canarytokens, Protect Yourself from Compromised NPM Packages
Sep 25, 2025

How to be an effective CISO, deploy decoy assets that fit in to your AWS environment, tips and tools to minimize the impact of NPM malware

Clint Gibler
[tl;dr sec] #297 - Self-Propagating NPM Malware, Securely Deploying AI Agents, China's Great Firewall Leaked
Sep 18, 2025

Moar backdoored NPM packages (+ how to secure GitHub Actions), agents making sensitive decisions autonomously, source code and internal docs for China's Great Firewall leaked

Clint Gibler
[tl;dr sec] #296 - AI Automates CVE -> Exploit, Apple Defeats Memory Corruption, Moar NPM Backdoors
Sep 11, 2025

AI auto-generating exploits from CVEs for $3, not actually but Memory Integrity Enforcement makes it harder, surprisingly NPM packages were backdoored

Clint Gibler
[tl;dr sec] #295 - AI Code Analysis, AWS Detection Engineering, Anthropic Threat Intel Report
Sep 04, 2025

Using AI to find vulnerabilities in code, mastering AWS logs for detection engineering, how threat actors are misusing Claude (#4 will surprise you)

Clint Gibler
[tl;dr sec] #294 - Nx Backdoored, AI-powered Ransomware, PhrackCTF
Aug 28, 2025

Nx malware uses AI CLIs to find secrets, ESET discovers malware sample leveraging OpenAI's OSS model, binary exploitation CTF for Phrack's 40th

Clint Gibler
[tl;dr sec] #293 - MCP Security, AWS Enumeration, North Korean Hacker's Files Leaked
Aug 21, 2025

Critical vulnerabilities in MCPs, stealthily enumerating AWS resources, a North Korean government hacker's computer was pwned, backdoors & campaigns leaked

Clint Gibler
[tl;dr sec] #292 - HTTP/1.1 must die, AI + SAST, Google's Insider Threat Detection Tool
Aug 14, 2025

James Kettle argues HTTP/1.1 can never be fully secured, augmenting static analysis with LLMs, Google's talk + OSS tool for detecting malicious insiders

Clint Gibler
The best way to keep up with cybersecurity research. Join >90,000 security professionals getting the best tools, talks, and resources right in their inbox for free.
