AppSec News Roundup on Claude Code Leak, Axios NPM Compromise, Secure Design – Idan Plotnik, Raj Mallempati – ASW #377
Security problems aren't changing very much even though security teams are. We catch up on the implications of the Claude Code source leak, the very human lessons from the axios NPM compromise, and what secure design looks like when it involves agents, humans, or both.
AppSec has always celebrated interesting and impactful vulns. And LLMs are now a favored tool for finding flaws. We shouldn't forget the success and effectiveness of fuzzers like OSS-Fuzz, which has improved security for over 1,000 projects and found over 50,000 bugs. But we can't ignore the ease of prompting an agent to go find -- and exploit -- a vuln when the UX and overhead of doing so is hardly more than writing some markdown.
The SDLC Blind Spot: Why Breaches Start with Identity, Not Code
Developers have access to source code, CI/CD pipelines, and cloud infrastructure — and attackers know it. Target lost 860GB of source code through a single compromised credential. Recruitment fraud campaigns have pivoted from a compromised developer to cloud admin in under 10 minutes. As agents join human developers, contractors, and service accounts in the SDLC, the attack surface is expanding faster than static security tools can track. Security teams need real-time visibility beyond code and into who has access and what they're actually doing.
This segment is sponsored by Apiiro. To lean more, visit https://securityweekly.com/apiirorsac.
How AI-Driven Development is Reshaping the Application Risk Landscape
Agent coding assistants are accelerating software development, generating more code and more change than security teams were built to handle. In this interview, Idan Plotnik discusses how AI-driven development is reshaping the application risk landscape and why traditional vulnerability management models can’t keep up.
Make sure to schedule a free SDLC Risk Assessment with BlueFlag Security - 30 minutes to deploy. 48 hours to results. Please visit https://securityweekly.com/blueflagrsac.
Idan is a serial entrepreneur and product strategist, bringing to Apiiro nearly 20 years of experience in cybersecurity. Previously, Idan was Director of Engineering at Microsoft following the acquisition of Aorato where he served as the founder and CEO.
Raj Mallempati is CEO & Co-founder of BlueFlag Security. Prior to launching BlueFlag, he most recently served as COO CIEM at Microsoft, through Microsoft’s acquisition of his prior company CloudKnox Security (acquired 2021). Prior to joining CloudKnox, Raj was the Senior Vice President of Marketing at Malwarebytes. Raj has also held positions as the Vice President of Global Marketing at MobileIron, Vice President of Product Marketing at Riverbed Technology, and was the Director of Marketing and Business Strategy at VMware. He holds an MBA from The Wharton School, University of Pennsylvania, MS, Computer Science from the University of Texas, and a B.Tech from Indian Institute of Technology, Madras.
Mike Shema
- Anthropic’s AI Coding Tool Leaks Its Own Source Code For The Second Time In A Year
Risky Business has had a good collection of articles and comments about this.
The aftermath has been an ironic journey of DMCA takedowns and so-called clean room implementations of Claude Code's behavior. We'll be seeing more of this kind of clean room rewrite laundered through LLMs. There's precedent for the general concept of such rewrites, but this particular approach hasn't been legally tested. Plus, who knows what the license and copyright angles look like.
I mention these rewrites because it ties into a larger discussion we've had on the show about the impact of coding agents on software projects and whether we'll see an abandonment of frameworks in favor of everyone creating their own bespoke solutions from some combination of markdown, coding agents, and the millions of unacknowledged lines of code the models have been trained on.
- Post Mortem: axios npm supply chain compromise · Issue #10636
It's like the XZ Utils compromise, but now with AI.
- MAD Bugs: vim vs emacs vs Claude – Calif
Everyone's showing off the fun bugs they're finding with LLMs. Probably because it's cooler than showing off bugs found with a fuzzer. And surely because it's simpler to prompt an agent than it is to instrument a project with a fuzzer. But who knows if it's any cheaper.
There's also a SQL injection reported against Ghost by Nicolas Carlini as part of his Unprompted presentation. The problem was a classic string concatenation fixed by using a parameterized query. It's the type of bug that becomes more critical when there's a demonstrated exploit, as in this case, but it's also the type of bug that should have just been avoided by a stricter coding style that forbade string concatenation for queries in the first place.
- Introducing EmDash — the spiritual successor to WordPress that solves plugin security
We've mostly avoided covering any WordPress plugin vuln because they're ubiquitous and boring. The real problem, as this article notes, is how WordPress designed the plugin architecture.
This is a type of appsec future I'd prefer to see -- creating new software with better designs and defaults. Using agents and LLMs to find bugs is fun, but feels so ephemeral and too often distracts attention from secure design principles.
It might also hint at a future where everyone rewrites their own projects and frameworks. Who knows!
- Don’t trust, verify | daniel.haxx.se
This article is a good list of scenarios that demonstrate threat modeling and a good list of coding styles and solutions that improve security without being explicit security controls.
What if we got rid of "appsec" and just called it good software engineering?
- [FYI] Phrack 73 Call For Papers
Submissions due by June!
