Last week you may have missed:
🦅 Falco: runtime detection that complements your scanners - 11/05/2026
Your image scanners don't see what happens at runtime; Falco 0.43.1, with its modern eBPF driver and production-ready operator, changes the game for anyone who wants a real runtime layer in their DevSecOps pipeline….
⚖️ OPA & Gatekeeper: Policy as Code for Kubernetes, without illusions - 12/05/2026
Gatekeeper v3.22, Kyverno making progress, CEL being pushed as a standard by Kubernetes; before stacking on yet another layer, here is how to decide where OPA really fits into your pipeline….
🗺️ OSAKA: Visualizing Kubernetes attack paths with ANSSI's tool - 14/05/2026
ANSSI delivers an open source tool that turns your Kubernetes configurations into actionable attack graphs; if you audit K8s clusters, you will want to add it to your toolbox….
🔍 kube-bench: Automated auditing against the CIS benchmarks - 16/05/2026
Find out within minutes whether your Kubernetes cluster complies with the CIS benchmarks, with directly actionable remediation recommendations; kube-bench remains the essential reference for any compliance audit….
#DevSecOps #OWASP #CloudSecurityAlliance
List of interesting links of the week
🔗 CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack Attackers began exploiting Drupal SQL injection flaw CVE-2026-9082 within 48 hours of patch release. Drupal issued a highly critical security patch on May 20 for CVE-2026-9082, a SQL injection vulnerability that allows unauthenticated attackers to compromise sites running PostgreSQL databases. The ….
🔗 Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware A new “coordinated” supply chain attack campaign has impacted eight packages on Packagist including malicious code designed to run a Linux binary retrieved from a GitHub Releases URL. “Although the affected packages were all Composer packages, the malicious code was not added to composer.json,” Sock….
🔗 Week in review: GitHub breached via poisoned VS Code extension, critical NGINX flaw exploited Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise GitHub CISO Alexis Wales has named the malicious VS Code extension behind the breach they suffered at the hands of the threa….
🔗 Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks Ransomware and vendor breaches persist. The “2026 Data Breach Investigations Report” (DBIR) highlights how evolving social engineering tactics make the sector more vulnerable….
🔗 Gemini allegedly broke production, then wrote itself the hero A developer claims Gemini broke a live portal, then generated recovery notes that overstated its role. The incident shows why AI coding agents need tighter permissions, review, and rollback controls….
🔗 We hardened zizmor’s GitHub Actions static analyzer In March 2026, attackers exploited a pull_request_target misconfiguration in the aquasecurity/trivy-action GitHub Action to exfiltrate organization and repository secrets, then used those credentials to backdoor LiteLLM on PyPI (see Trivy’s post-mortem for the full timeline). zizmor is a static anal….
🔗 Even Claude agrees: hole in its sandbox was real and dangerous Two now-patched bypass bugs in Claude Code’s network sandbox put users at risk, and one of these allows baddies to send anything inside the sandbox - credentials, source code, other private data - to any server on the internet, according to a researcher who found and reported both flaws to Anthropic….
🔗 Combatting the Top Three Sources of Risk in the Cloud With cloud computing, organizations are storing data like intellectual property, trade secrets, Personally Identifiable Information (PII), proprietary code and statistics, and other sensitive information in the cloud. If this data were to be accessed by malicious actors, it could incur financial los….
🔗 GitHub hit by a cyberattack: 3,800 internal repositories compromised via a malicious VS Code extension The development platform confirmed it was the target of a data exfiltration. The origin of the incident points to the installation of a poisoned extension on the official Visual Studio Code marketplace….
🔗 Typosquatting Is No Longer a User Problem. It’s a Supply Chain Problem AI-generated lookalike domains are now embedded inside the third-party scripts running on your web properties. Here’s why your current stack can’t see them, and what detection actually requires. Download the CISO Expert Guide to Typosquatting in the AI Era → TL;DR Typosquatting is no longer a user p….
🔗 Mini Shai-Hulud Attack Hits npm Ecosystem, Compromising Over 600 Packages A large-scale supply chain attack targeting the npm ecosystem has resurfaced with a new variant of the Mini Shai-Hulud malware, compromising more than 600 packages and introducing advanced evasion techniques, including forged Sigstore provenance. The attack primarily targeted the widely used @antv e….
🔗 Single-Letter Go Module Typosquat Drops DNS-Based Backdoor A newly uncovered software supply chain attack targeting Go developers demonstrates how a single-character typo can silently introduce a persistent backdoor. A malicious Go module, github.com/shopsprint/decimal, designed to impersonate the widely trusted github.com/shopspring/decimal library used fo….
🔗 Hackers Exploit MSHTA to Deploy LummaStealer and Amatera Malware Hackers are increasingly abusing the legacy Microsoft HTML Application Host (MSHTA) utility to deliver commodity malware such as LummaStealer and Amatera. Despite being tied to Internet Explorer, which was retired in 2022, MSHTA remains default in Windows, making it an attractive Living-off-the-Land….
🔗 Project Glasswing: what Mythos revealed to us Over the past few months, we have been testing a whole range of security-oriented LLMs (Large Language Models) on our own infrastructure. These LLMs help us identify vulnerabilities potentially present within our own systems so that we can….