Malicious skills are evolving, and attackers are finding ways to execute them before model-level defenses even activate.
In the first post of our new series, I’ll show you how dynamic context in coding agents can introduce new supply chain risks:
securitylabs.datadoghq.com/articles/mal...
Learn how malicious Claude Code skills can abuse dynamic context commands to execute before model-level prompt injection defenses can intervene.
Looks like the latest version of Codex has a required review/trust system for hooks. This is a great way to protect developers as threat actors have started to abuse hooks more and more.
Interested in attending @fwdcloudsec.org but bummed you didn’t get a ticket? There are a few for sale from people who couldn’t make it last minute. Check out the Cloud Security Forum Slack to get yours and attend the best cloud security conference on earth.