Bogdan Deac

Home
Newsletter
Poetry
About

Sign in Subscribe

photos

Arboretum Park Simeria

Bogdan Deac

22 Sep 2025 • 1 min read

PEAKS No 39: The Claude Code Files: Source Leaks, AI Emotions, Supply Chain Chaos & Privacy Wars

Hi there! 🛡️ Security & Privacy * Vertex AI vulnerability allowed malicious agents to exfiltrate Google Cloud data and access private Artifact Registry images — exploiting excessive default permissions in the P4SA service agent. Patch by enforcing least privilege and using BYOSA. More * axios supply chain attack: a hijacked npm maintainer account published

07 Apr 2026 4 min read

PEAKS No 38: Chips, Chat Control & Supply Chain Chaos

Hi there! 🛡️ Security & Privacy * GrapheneOS reaffirms its no-ID, no-account policy, pledging to remain globally accessible to anyone without collecting personal information — even if device sales become restricted in certain regions. More * Sysdig launches runtime security purpose-built for AI coding agents, extending its cloud-native protection platform to monitor, detect, and

31 Mar 2026 4 min read

PEAKS No 37: Coding Agents Meet Chrome DevTools, Unicode Malware Returns, Local AI Goes Mainstream

Hi there! 🛡️ Security & Privacy * Glassworm Returns with Unicode Attacks - Invisible PUA Unicode characters exploiting 150+ GitHub repositories, npm packages & VS Code extensions simultaneously using AI-crafted commits. More * DarkSword iOS Exploit in Infostealer Campaign - New vulnerability targeting iPhones via malicious apps stealing credentials and sensitive data at

24 Mar 2026 3 min read

Bogdan Deac © 2026

Powered by Ghost