xAI’s Grok CLI uploaded users’ entire home directories – SSH keys, password managers, all of it

The big story today is xAI’s Grok CLI uploading entire home directories to Google Cloud – SSH keys, password databases, everything. That’ll wake you up.

// SECURITY FOCUS

xAI’s Grok CLI uploaded users’ entire home directories – SSH keys, password managers, all of it

Any engineer who ran `grok` in their home directory should treat their SSH keys, API tokens, and password manager database as compromised – the tool silently exfiltrated to xAI’s GCP buckets before the community caught it. The blast radius depends entirely on where you invoked it: a project subdirectory is survivable, `~/` is not. No official explanation from xAI yet, which makes scope assessment harder.

What to do: Rotate any credentials stored under your home directory, audit ~/.ssh, ~/.aws, and your password manager exports, then block the grok binary until xAI publishes a clear postmortem.

  1. Microsoft patches 570 security flaws in a single Patch Tuesday – nearly triple last month’s record — Krebs on Security · Jul 14
    Microsoft’s July 2026 Patch Tuesday fixes 570 vulnerabilities – nearly triple June’s record count – with the company attributing the surge to AI-assisted vulnerability discovery. Nearly 60 flaws are rated critical, and three are zero-days, two of which are already being exploited in the wild. Active exploitation includes a SharePoint RCE (CVE-2026-56164) that Microsoft had originally rated “exploitation less likely” before CISA added it to the Known Exploited Vulnerabilities list on July 1 – a misclassification that Tenable’s Satnam Narang ties directly to an exploitability index calibrated for human attackers, not AI tools: Anthropic’s Mythos Preview model produced working proof-of-concept exploits for 13 of 14 flaws Microsoft had rated unlikely to be exploited. Other highlights include a Copilot RCE (CVE-2026-48561, CVSS 9.6) triggerable via a malicious website and a BitLocker bypass (CVE-2026-50661) requiring physical access. Adobe is also moving to twice-monthly patch releases citing the same AI-driven acceleration, and Google shipped over 900 fixes in June 2026. Given the volume, Krebs recommends waiting a few days before patching to let stability regressions surface.
  2. Slack built Shipyard, a full EC2 fleet management platform, because Chef at their scale stopped being enough — Slack Engineering · Jul 14
    Slack built Shipyard after hitting the ceiling of what Chef-based configuration management could safely do across tens of thousands of EC2 instances – infrastructure drift, service-level deployment gaps, and cross-layer coordination complexity were the breaking points. Shipyard treats EC2 fleets as deployable artifacts rather than long-lived mutable instances: teams build AMIs layered on a hardened base image called slack-zero, then roll them out through a deployment orchestrator called Gondola that supports progressive rollouts with metrics-based automatic rollback. A companion inventory system called Peekaboo, built on EventBridge, OpenSearch, and Lambda, replaces Chef Server as the fleet source of truth and tracks even non-Shipyard instances. Configuration is applied once during image bake or initial provisioning rather than continuously enforced in the background, and instances are rotated on a fixed schedule to stay effectively immutable. The platform targets workloads that can’t move to containers – Kubernetes worker nodes, egress network stacks, and other infrastructure components – so this is less about replacing k8s and more about bringing container-style deployment discipline to the EC2 workloads that were never going to containerize.
  3. CISA contractor left AWS GovCloud keys in a public GitHub repo for six months — Krebs on Security · Jul 13
    A CISA contractor uploaded 844 MB of sensitive data – including AWS GovCloud admin keys and a plaintext password CSV for dozens of internal systems – to a public GitHub repo named “Private CISA,” where it sat for roughly six months before GitGuardian researcher Guillaume Valadon flagged it to KrebsOnSecurity in May 2026. CISA had already received nine automated alerts from GitGuardian before that notification and ignored all of them. Once notified, the agency still took over 48 hours to rotate the AWS keys, citing system complexity and federal partner interdependencies. CISA’s own postmortem, authored by acting CIO Preston Werntz and acting CISO Brad Libbey, admits its incident-reporting channels were poorly defined – the researcher ended up trying the contractor directly, the vulnerability disclosure platform, and a reporter before getting traction. The takeaways aren’t novel but the source is: a national cybersecurity agency publicly endorsing continuous secrets scanning over quarterly audits, better security.txt hygiene, and separate reporting channels for infrastructure incidents versus product bugs. CISA says logs confirmed no customer or mission data was accessed and the leaked credentials weren’t used outside its own environments; the contractor lost system access.
  4. Ted Ts’o led a discussion on growing ext4 regressions in stable kernels at LSFMMBPF 2026 — LWN.net · Jul 15
    Ts’o flagged a pattern of ext4 regressions slipping into stable kernel releases and walked through what better testing coverage would need to look like. Worth reading for anyone running ext4 on production Linux and tracking stable kernel updates.
  5. How bitdrift handled 121 million concurrent gRPC connections on CloudFront for a live sports broadcast — AWS Architecture · Jul 15
    bitdrift, a mobile observability platform built by ex-Lyft engineers, hit a thundering herd failure during T20 World Cup cricket matches when Route 53 Weighted routing returned a single IP per DNS response – causing every CloudFront edge node to pile onto the same NLB for the full 60-second TTL window. On the February 27th event, roughly 80% of requests failed with HTTP 500s despite the team scaling from 2 to 6 NLBs, because adding origins had no effect while Weighted routing still handed out one IP at a time. The fix was a single DNS policy change: switching to Multi-Value Answer routing, which returns up to 8 IPs per query with per-record health checks. After the March 4th change, CloudFront edge nodes immediately spread connections across all 6 NLBs, and bitdrift served 121 million concurrent devices at 110K+ requests per second with zero server-side errors. If you’re running CloudFront with multiple origin load balancers behind persistent-connection protocols like gRPC or WebSocket, Weighted routing is a trap – Multi-Value Answer is the right policy.

// In other news

ai

cloud

culture

  • DSLs Enable Reliable Use of LLMs (Martin Fowler) · Jul 14 — Martin Fowler argues DSLs constrain LLM output space enough to make generated code reliably correct – concrete framing for teams where free-form codegen keeps producing plausible-but-wrong results.
  • Microservice dogma nearly tanked our seed round (LeadDev) · Jul 15 — A founder’s postmortem on how premature microservice decomposition at seed stage burned runway and nearly killed the company before a forced monolith consolidation stabilized the platform.
  • Fragments: July 13 (Martin Fowler) · Jul 13 — Fowler’s notes from Thoughtworks’ Future of Software Development retreat touch on how AI tooling is shifting the boundary between junior and senior work – brief but substantive.
  • AI-coding agents spread through peer pressure, not mandates (LeadDev) · Jul 13 — LeadDev reports that AI coding agent adoption inside teams spreads via peer observation rather than top-down mandates – has implications for how you introduce or block tool rollouts.

dev

  • crates.io: development update (Rust Blog) · Jul 13 — crates.io’s six-month update covers sparse index performance improvements, token scoping changes, and upcoming deprecation of older auth flows that affect CI pipelines publishing crates.

iac

k8s

  • Building a Custom Metrics Exporter for Kubernetes (Kubernetes Blog) · Jul 14 — Official Kubernetes blog walks through building a custom metrics exporter for HPA scaling on application-level signals like queue depth – fills the gap where CPU/memory targets fall short.
  • HAMi becomes a CNCF incubating project (CNCF Blog) · Jul 15 — HAMi, which provides GPU sharing and vGPU slicing across Kubernetes nodes, reached CNCF incubating status – relevant if you’re trying to bin-pack GPU workloads without per-pod full allocation.
  • Blog: Introducing Flux Schema and the Ecosystem Catalog (Flux CD) · Jul 13 — Flux now ships schema validation and an ecosystem catalog, letting you catch misconfigured HelmRelease or Kustomization objects at PR time rather than during reconciliation.
  • Operating OpenTelemetry at scale with OpAMP (CNCF Blog) · Jul 13 — OpAMP lets you remotely reconfigure and update OTel Collectors across a fleet without redeploying – the CNCF post covers the protocol and reference implementation for large heterogeneous deployments.
  • On-prem DBaaS in 2026: Platforms, standards, and gaps (CNCF Blog) · Jul 15 — CNCF survey of on-prem DBaaS options in 2026 maps which operators (CloudNativePG, Percona, etc.) cover which engines and where the self-service experience still breaks down for platform teams.

linux

obs

sec

sre

web

Rotate your keys. Read the CISA postmortem. Don’t run unknown CLIs from your home directory.

Leave a comment