0hardik1/kubesplaining: Kubernetes security assessment CLI: RBAC, pod-escape, and privilege-escalation path analysis. Cloudsplaining for Kubernetes. github.com/0hardik1/kubespla…

GreatXML bitlocker bypass vulnerability git.projectnightcrawler.dev/…

There are a select few who can use Fable for cyber stuff. Yesterday, I resurrected a long-running agent from a bounty program with a super-long context window and switched to Fable. It worked. Basically, a context overflow with a ton of authorization priming is the key. Full disclosure, it downgraded after 4 hours as it tripped the classifier on a tool call. That Classifier then tripped the model guardrail and triggered the downgrade 🤷‍♂️

Google releases emergency update for fifth Chrome zero-day exploited in the wild this year scworld.com/brief/google-rel…

Go read a book. A new model was released. That means social media has nothing useful to say for a few days.

Weak model good harness = 40 Weak model good harness expert = 60-85 depending on factors (tm)

This will be the moment it all went sideways.

Does anyone else feel that what people are learning about "Infosec" sometimes is doing a disservice and preventing innovation?

EDRChoker uses Policy-based Quality of Service (QoS) to set hard bandwidth caps (throttling) on Endpoint Detection and Response (EDR) agents, causing them to always time out - effectively blocking them. #itsecurity #securityblog #altimalware zerosalarium.com/2026/06/edr…

This is so sad that this is how they advertise. I get that it's not supposed to be literal but honestly it's the only time I use it.

😵‍💫

Tomorrow is my last day at @chainguard_dev. Best company ever. I'm jealous of anyone that gets to work there. I may kick myself for leaving but I will definitely kick myself if I don't try out the next opportunity.

I'll be there. Whether you want me or not. Should be warm enough for some other tom foolery.

Check out that secion 4 doubling down on computer fraud and abuse act... whitehouse.gov/presidential-…

Chainguard customers are unaffected by today’s wave of Mini Shai-Hulud, which impacts 32 redhat-cloud-services projects and 90 versions. Get the details: chainguard.dev/unchained/cha…

When major exploits are going to be a dime a million, old school exploits will rule. I'm investing my research time into how to make the CAP locks light on your keyboard appear on.... BUT IT'S NOT!

The post covers a Claude skill which was used to shed static signatures on these WASM-ized binaries. While the tool isn't live yet, the skill which helped shield it is live right now. github.com/praetorian-inc/re…

Yes this is my employer but yes I agree with it. I don't care about your money just read the article

nono.sh often ends up in comparison articles where its pitched against microVMs, within a very loose rag-tag bunch known as "Agent Sandboxes" - but the truth is, this is like comparing the fly-by-wire limits built into an aircraft control system to an end-of-runway concrete barrier - one governs every control input from within, in real time; the other stops things outside from going wrong when the plane runs out of runway. A microVM guards the host. What happens inside, is not really its concern or duty to protect . If data is exfiltrated to unknown endpoints, destructive tool calls are made, an agent malfunctions and racks up eye-watering LLM api costs, and then deletes your database - you can't really blame the VM. You got what you signed up for - strong, monolithic, isolation. Not internal governance. So nono operates at a completely different point in the security model: inside. It enforces capability-based, fine-grained policy, to intercept sensitive or destructive operations, and it audits what the agent is actually doing with tamper resistant , cryptographic claims (the blackbox recorder!). The question isn't "how contained is the damage" - it's "does the agent get to do this at all, in this particular context." They answer different questions entirely: A VM answers, "if malicious code executes, how do we contain the blast radius from breaching the host and adjacent tenants?" nono answers, "how do I give the agent some authority to use a tool to access AWS credentials and call its APIs, but not allow the same access when its curl using the POST method to send your production credentials in a payload to a public github issue. Docker not long back announced "we launched Docker Sandboxes with a bold goal: to deliver the strongest agent isolation in the market." That's Great! However, it's not really what your AI weary CISO needs to sleep better at night. Instead, it's resolving a problem that's already mostly solved - in a claimed, much stronger way. AI agents aren't highly focused on breaking isolation, something very difficult to achieve; they want to steal keys and cause wreckage from the inside. Want to see what the future malicious agent looks like? Go check out TeamPCP and their recent pursuits - they aren't bypassing hardware-level isolation with a zero-day, they're letting npm install do the job by executing a post-install scripts to exfiltrate your CI tokens. BUT - they also harmonise and are formidable when combined - which is why teams and orgs are now deploying nono directly onto AWS Fargate / Firecracker, and hardened Kubernetes bound images - one holds the perimeter; the other governs what runs inside it. You get to sleep a bit easier at night. If you interested in learning more and working with us to help shape a new approach for a new threat - we are now accepting a limited number of design partners to help us shape the future of AI Agent Security.