Enclave

58 posts

@EnclaveAI

AI-powered code security that understands your environment and surfaces only the vulnerabilities that can actually be exploited

United States · Joined December 2025
8 Following · 171 Followers
Pinned Tweet
Enclave
Enclave@EnclaveAI·
NGINX Rift is the new 18-year-old nginx RCE. Every version since 2008 in scope. We scanned 1,465 configs from 528 popular GitHub repos to see how bad it really is. What we found, and where the real attack surface actually lives 👇
Enclave
Enclave@EnclaveAI·
Enclave now has a native desktop app (macOS, Windows, Linux). If you’re doing security research and need to go local, run scripts, use your editor, and work on real files/repos without losing Enclave’s code security context, go to settings on Enclave and get started.
Enclave
Enclave@EnclaveAI·
WATCH: Enclave's Independent Reviewer in action. Analyze every PR for security risks by following logic across files and services. Catch the architectural vulnerabilities traditional scanners miss. No separate backlogs. Get high-confidence findings and suggested fixes commented directly on your GitHub PRs. Start scanning now: enclave.ai
Enclave retweeted
Enclave
Enclave@EnclaveAI·
75% of Google’s new code is AI-generated and that number will keep increasing. The role of engineers has shifted. The challenge is no longer writing the code, it’s verifying the architecture. When software is built at this scale, the risk isn’t in simple syntax errors. The real vulnerabilities are in the data flows between services and where trust boundaries are. Security has to move as fast as the tools generating code. That requires an independent perspective that can hold the context of an entire system at once. That’s where Enclave comes into play. bit.ly/48W8669
Enclave retweeted
Tal Hoffman
Tal Hoffman@talhof8·
Amazing find! No patch exists for any distribution right now and the full weaponized PoC is already on @GitHub. Only mitigation is blacklisting three kernel modules. Put simply: splice() lets the kernel move file data without copying it. An attacker uses this to get page cache pages of files they can only read (like /usr/bin/su) into network buffers. Two kernel crypto paths (ESP and RxRPC) then do in-place operations on those buffers without realizing the pages belong to a protected file. The kernel writes directly into the cached copy, and now every process that reads that file sees the attacker’s version. Neither bug works on every major distro alone but chained together they cover all of them. Fully deterministic, no race condition, compiles and runs in one line. If you patched for Copy Fail it doesn’t help here.
V4bel@v4bel

💥 Introducing "Dirty Frag" A universal Linux LPE chaining two vulns in xfrm-ESP and RxRPC. A successor class to Dirty Pipe & Copy Fail. No race, no panic on failure, fully deterministic. ~9 years latent. Ubuntu / RHEL / Fedora / openSUSE / CentOS / AlmaLinux, and more. Even if you've applied the "Copy Fail" mitigation, your Linux is still vulnerable to "Dirty Frag". Apply the Dirty Frag mitigation. Details: dirtyfrag.io

Enclave retweeted
Tal Hoffman
Tal Hoffman@talhof8·
We just shipped v1 of code security review at @EnclaveAI. A lot has already been said about SAST, AI SAST, and everything in between. We're putting exploitability at the center, with cloud & runtime context coming next! Free plan is pretty generous (credit card needed), but happy to drop more credits in, if needed (DM me).
Enclave retweeted
Alon Gubkin
Alon Gubkin@alongubkin·
If you haven't tried @EnclaveAI yet, it's a must-have. It finds real vulnerabilities and you can connect their MCP to Claude Code / Codex to fix them!
Enclave retweeted
Tal Hoffman
Tal Hoffman@talhof8·
AI security research is bottlenecked by context and exploitability, not pattern matching. The AI needs to understand how a system is shaped, where data flows, where trust boundaries sit, what role each component plays. Without that, you get the same noise every security team already drowns in. We shipped a new version of our Threat Map. It splits your workspace into sectors, each one covering a different potential threat vector and carrying the architecture, data flows, role model, dependencies, trust boundaries, and what to actually test before any research campaign starts. You pick the sectors you want to focus on and @EnclaveAI digs in with that context already loaded, and findings come back with potential impact, a fix prompt, and the technical details to reproduce them (PoC Box is coming soon). Whatever the vendor you choose, the shift I think matters most is from scanning to research. Real security work has always started from understanding the system, and AI is finally good enough to do that part of it.
Enclave
Enclave@EnclaveAI·
AI has accelerated software development, but code review has become the real bottleneck to shipping. Teams are generating and changing code faster than ever, but security still has to keep up. Too often, that means shipping before the right fixes are in place. Enclave helps close the gap, giving every team the security depth to move fast without compromising safety. Ship secure code at AI speed: enclave.ai
Enclave
Enclave@EnclaveAI·
Everyone is worried about AI replacing developers. They are looking at the wrong part of the equation. The reality? AI is creating a gold rush for security professionals. Look at the PocketOS story. An AI agent overstepped its trust boundaries, wiped a production database, and left the team digging through three-month-old backups. As autonomous agents become a standard part of the stack, entirely new attack vectors arise. When you grant agents over-permissive access to your infrastructure, the number of ways a system can fail grows exponentially. In an AI-native world, security is no longer just a department. It is the most important infrastructure a company owns and the hottest job in tech. gizmodo.com/claude-powered…
Enclave
Enclave@EnclaveAI·
Enclave is built on a shift in AI capability. Models can now read large codebases with context and follow logic across services. We use this deep understanding to act as an independent reviewer for your software. We don’t help you write code. We help you decide if the code you already have is safe to run. Receive high-confidence findings that replace alert fatigue with absolute clarity.
Enclave retweeted
CSOonline
CSOonline@CSOonline·
Azure SRE Agent flaw lets outsiders silently eavesdrop on enterprise cloud operations spr.ly/6013BBBZIf
Enclave retweeted
Yanir Tsarimi
Yanir Tsarimi@Yanir_·
I've discovered CVE-2026-32173 by steering a single agent. The vuln: you could listen to anyone's AI chat stream on Azure SRE agent. Including LLM thinking, commands, tools. The auth check was there, but at the wrong place. Patched. Critical, Information Disclosure. $20k bounty
Enclave
Enclave@EnclaveAI·
This is exactly why Enclave exists: to act as an independent reviewer for AI-driven code and systems. Full details here: enclave.ai/blog/anyone-co…
Enclave
Enclave@EnclaveAI·
This wasn't just a leak. It was a privilege boundary violation. AI agents aggregate so much context that one small auth failure becomes a total system compromise.
Enclave
Enclave@EnclaveAI·
Our CPO @yanir_ found a massive wiretap vuln in Microsoft’s new Azure SRE Agent. Anyone with a free Microsoft account could silently watch the agent work in real time. 🧵