InfoSecSherpa


“None of the findings exceeded an impact score of Low. A multitude of typical errors and vulnerabilities are successfully negated, reflecting the development team’s acute awareness of web application security.” — Cure53 Security Report, March 2026

Pentest-Report Psono Console UI, REST API & Infra 03.2026
https://api.cyfluencer.com/s/security-audit-2026-cure53-26691

Sherpa Intelligence paid attention to the #InfoSec & #DataPrivacy news from over the weekend so you wouldn't have to!

Information Security & Data Privacy Weekend News Roundup: April 10-12, 2026
https://sherpaintelligence.substack.com/p/information-security-and-data-privacy-f03

"History is repeating itself as MCP servers become the new "service account problem," operating with broad privileges and minimal oversight across the enterprise."

MCP Servers and the Return of the Service Account Problem
https://go.aembit.io/s/mcp-servers-and-the-return-of-the-service-account-problem-26660

Dispatches from Basecamp: Guest Sherpa Elise Manna!

Read about the #security and #privacy aspects of the Architecture, Engineering, and Construction industries.

https://sherpaintelligence.substack.com/p/dispatches-from-basecamp-guest-sherpa

Happy #OrthodoxEaster to all who observe!

Axios npm Supply Chain Attack: Cross-Platform RAT Delivery via Compromised Maintainer Credentials
https://cybersec.picussecurity.com/s/axios-npm-supply-chain-attack-cross-platform-rat-delivery-via-compromised-maintainer-credentials-26621

"France Launches Government #Linux Desktop Plan as Windows Exit Begins. France is transitioning government desktops to Linux, with each ministry required to formalize its implementation plan by autumn 2026."

https://linuxiac.com/france-launches-government-linux-desktop-plan-as-windows-exit-begins/

This article shows you when each OAuth flow applies, what security risks you’re accepting, and how modern secretless patterns eliminate those risks entirely. #BestPractices

2-Legged vs 3-Legged OAuth: Which Flow Fits Your Use Case?
https://go.aembit.io/s/2-legged-vs-3-legged-oauth-which-flow-fits-your-use-case-26595

"CamoLeak worked by hiding instructions inside pull request descriptions that the #AI assistant would execute on behalf of whoever opened the review."

CamoLeak: How GitHub Copilot Became An Exfiltration Channel
https://api.cyfluencer.com/s/camoleak-how-github-copilot-became-an-exfiltration-channel-26592

Sherpa Intelligence paid attention to the #InfoSec & #DataPrivacy news from over the weekend so you wouldn't have to!

Read the Information Security & Data Privacy Weekend News Roundup: April 3-5, 2026
https://open.substack.com/pub/sherpaintelligence/p/information-security-and-data-privacy-12f?r=272cku&utm_campaign=post&utm_medium=web&showWelcomeOnShare=true