Digest #222: AI breaches AWS in 72 hours, GitHub's agent leaks private repos, Argo CD cluster takeover and Lambda MicroVMs replace CI runners
Plus why you shouldn't trust Trusted Publishing, running local models for agentic coding, and PR preview environments that cut staging costs 78%.
A single attacker chained together application services, CI/CD pipelines, and secrets stores to compromise an entire AWS environment in 72 hours, and the responders tracking it say human-in-the-loop SIEM triage can’t keep pace with an AI moving that fast. The same week, GitHub’s AI agent was caught handing private repos to anyone who posted a nicely worded issue in a public repo, while an unpatched Argo CD flaw gave attackers full control of Kubernetes clusters. If you were counting on “Trusted Publishing” to keep your supply chain clean, one writeup this week argues that’s the wrong thing to trust.
Platform engineering on autopilot
Mendral is an autonomous AI DevOps engineer that handles the work your engineers shouldn’t be doing manually anymore: supply chain security, flaky CI, slow builds, and anything else specific to your stack - Try it out!
If you have feedback to share or are interested in sponsoring this newsletter, feel free to reach out via LinkedIn or simply reply to this email.
Newsworthy stories
Lone attacker uses AI to breach AWS cloud environment in 72 hours
Security flaw in Argo CD can let attackers take over Kubernetes clusters
I replaced my GitHub runners with Lambda MicroVMs, and maybe you should too
Tutorials of the week
Videos of the week
Projects of the week
kpt is a package-centric toolchain that treats Kubernetes configuration as data, allowing you to edit and deliver manifests using reusable transformation functions rather than templating.
Nox is a modular Go framework for attack surface management that bundles 300 built-in modules across 24 phases, taking you from passive OSINT to active vulnerability scanning.
dotenvx is a secure env manager from the creator of dotenv, encrypting .env files with public-key cryptography.
AnduinOS 2 is an Ubuntu-based Linux distribution designed to give newcomers a familiar, low-friction path to Linux, packaged almost entirely as shell scripts.
GeoSQL is a Python skill that turns Claude, Codex, and Copilot into geospatial analytics agents across PostGIS, BigQuery, and Snowflake.




