InfoSecSherpa

"Claude Code emits OpenTelemetry natively across metrics and structured log events. This post covers what that telemetry contains, what detection categories it unlocks (unauthorized tool use, data exfiltration via #AI, MCP server abuse, and prompt injection), and why most teams currently have zero coverage on all four."

https://api.cyfluencer.com/s/detection-engineering-for-claude-code-part-1-26851

What do a háček, Kelp, and Kurdistan have in common?

They're all mentioned in today's Sherpa Intelligence #InfoSec & #DataPrivacy Weekend News Roundup!

Information Security & Data Privacy Weekend News Roundup: April 17-19, 2026
https://sherpaintelligence.substack.com/p/information-security-and-data-privacy-cb7

T1547.015 Login Items in MITRE ATT&CK Explained

T1547.015 Login Items is a technique in the MITRE ATT&CK framework under the Persistence tactic. It refers to the use of Login Items in macOS to automatically launch programs or scripts during user login. https://cybersec.picussecurity.com/s/t1547-015-login-items-in-mitre-att-ck-explained-26598

What do a háček, Kelp, and Kurdistan have in common?

They're all mentioned in my Monday morning newsletter.

Subscribe now and read about them tomorrow!

#InfoSec & #DataPrivacy Weekend News Roundup for April 17-19, 2026
https://open.substack.com/pub/sherpaintelligence/p/information-security-and-data-privacy-cb7?r=272cku&utm_campaign=post&utm_medium=web&showWelcomeOnShare=true

Tick-tock! You still have some time left to submit your #CFP for the @womencyberjutsu 2026 conference in Northern Virginia! https://whova.com/call_for_speakers/nQbj6wV4Ple-hDOAAAd96tjNMV%402F67oshvqJ6rQd%40aAPp80Bggb0FqiDA8gDIlo/

The countdown to the weekend begins with Five for Friday! 5-4-Friday 🪩💃🕺 Sherpa Intelligence: Your Guide Up a Mountain of Information!

Check out my new post with #InfoSec and #DataPrivacy news from this past week! https://sherpaintelligence.substack.com/p/five-for-friday-april-17-2026

Active exploitation is confirmed.

CVE-2026-3055 & CVE-2026-4368: Inside the NetScaler "CitrixBleed 3" Memory Overread

https://cybersec.picussecurity.com/s/cve-2026-3055-cve-2026-4368-inside-the-netscaler-citrixbleed-3-memory-overread-26793

"CVE-2026-40175: How Miggo Security Sees Beyond the CVSS 10.0 Base Score. It scores a 10.0, but real-world risk is far lower. Here’s why context matters more than severity."

https://api.cyfluencer.com/s/cve-2026-40175-how-miggo-sees-beyond-the-cvss-10-0-base-score-26774

Trying something new. Sort of a smörgåsbord of #InfoSec, #DataPrivacy, and random things.

Basecamp Briefing: Trail Mix for the Mind
https://sherpaintelligence.substack.com/p/basecamp-briefing-april-15-2026

"SLAM is an acronym used to quickly evaluate whether an email may be a phishing attempt. It guides users to examine four key elements that commonly reveal suspicious activity."

It stands for: Sender, Links, Attachments, Message!

SLAM Method for a Comprehensive Phishing Prevention Guide ⛔️ 🎣
https://cybersec.picussecurity.com/s/slam-method-for-a-comprehensive-phishing-prevention-guide-26661