Welcome to the weekly highlights and analysis of the blueteamsec subreddit (and my wider reading). Not everything makes it in, but the best bits do.

Operationally this week has been driven by the CircleCI breach alert and the warning to cycle all secrets that CircleCI had access to. This breach is suspected of being the enabler for various Github repository breaches towards the end of 2022. This incident is a wonderful advert for the value of the Thinkst Canary and specifically the deploy and forget model as a high signal source. Just look at what Daniel said: