Karim El-Melhaoui

cc @travismcpeak

Every supply-chain attack affecting the npm ecosystem, the most common apps I find vulnerable are the vibe-coded ones due to lack of version pinning.. If @Cursor and other coding platforms make pinning the default, we'll see less runtime environments affected.

First P1 achieved, unfortunately a duplicate.

Shai-Hulud 2.0, a tale of 4 graphs: many numbers have made the news in regards to this story - such as 800 compromised packages - but visualizing the data clearly shows the potential impact of hijacking even a small set of key packages (in terms of prevalence or dependents):

🚨 New Shai-Hulud-style npm attack hitting 25k+ repos and growing fast. Devs & CI/CD exposed via malicious preinstall. Wiz Research has detection + mitigation. Details: wiz.io/blog/shai-hulu…

First talk at @OsloBSides

@gauravphoenix Nordnet’s social forum is usually good for nordic stocks: nordnet.no/aksjer/kurser/…

@gauravphoenix Not an investment analysis but since you mention a Norwegian company: There’s declining interest rates affecting mortgage yield of Norwegian banks, they’ve had a historically good yield. There’s also the competitive landscape with Sparebank 1 SMN which is strong in the region

Melhus Sparebank ($MELG.OL) small Norwegian bank trades below book value. Yields 8%. Has paid dividends for the last 25 years (gone through GFC etc). low ROE but looks well capitalized. need to study this. anyone looked into it?

The schedule for fwd:cloudsec Europe is out, with a single track of high-quality talks over 2 days, along with “Birds of a Feather” interactive sessions! fwdcloudsec.org/conference/eur… Some sponsorship opportunities are still available

Great work by the @SpecterOps team adding Entra ID to GitHub attack paths! Will officially archive once I can validate it supports OIDC github.com/O3-Cyber/oidc-…

Another year in the books as a Microsoft MVP🎉

I’m left wondering how many unpaid AWS bills are related to this.

@0xdabbad00 That’s a solid one!

Folks coming to fwd:cloudsec, my face looks different. I have a beard. Come find me and let's chat about the new CTF I put together. lnkd.in/geRrC3aN

Front row seat on @paulschwarzen session presenting OWASP Domain Protect at @AppSecEU 👏

Reminder that the fwd:cloudsec Europe 2025 Call for Papers is open! First time speakers who requested feedback by May 30th and meet the submission criteria will receive feedback on how to improve during the second round. For more: fwdcloudsec.org/conference/eur…

@ainp0t @DrAzureAD Second this!

@DrAzureAD fwdcloudsec.org ? CFP opens soon. European conference would be 15-16.9. in Berlin

Due to recent events, I decided not to give any talks in the US until further notice. If you know any non-US conferences that has a CFP open, please let me know!

What happens if a lambda that puts an event to an S3 triggers on the same S3… I can’t afford to find out

🏃‍♂️Meet ImageRunner: A privilege escalation vulnerability I discovered in GCP Cloud Run. Thank you for the @GoogleVRP team for working closely with us on this one. *Stay tuned for more blogs to come! tenable.com/blog/imagerunn…

@CraigHRowland Interested in reading your research, where may I find it?

Tor and many other VPNs are not anonymous. About 10 years back I did anti-fraud research that caused ~50% of all mobile Tor browsers to leak their real IP addresses. I never used it since. Tor is also the most surveilled network on the planet. It's anti-anonymous.

@Flangvik @TrustedSec Awesome comeback

Super happy to re-join the amazing folks at @TrustedSec today! Thanks for welcoming me back home with open arms 🥰