The Berlin Bassline Brief logo

The Berlin Bassline Brief

Archives
Log in
Subscribe
July 16, 2026

Berlin Bassline Brief #10: Grok Build CLI repo uploading, an infostealer pretending to be a crash reporter, a paper claims LLMs aren't chaotic neutral, NIST helps with macOS, PCC

“The wealth required by nature is limited and is easy to procure; but the wealth required by vain ideals extends to infinity.”

Security, General:

Developers using xAI's Grok Build CLI learned it had apparently been uploading entire repos; bad luck for the 8-9 customers of the product: https://gist.github.com/cereblab/dc9a40bc26120f4540e4e09b75ffb547

Security, Apple Platforms:

CrashStealer: a C++ macOS infostealer posing as crash reporter: https://www.jamf.com/blog/crashstealer-macos-infostealer-analysis/

Interesting Paper:

Evaluating Moral and Ethical Alignment in Large Language Models: A Dungeons & Dragons Benchmark, by Jan Sawicki, M. Ganzha, M. Paprzycki: https://www.mdpi.com/2076-3417/16/13/6769

Interesting Tool:

The NIST macOS Security Compliance Project: https://github.com/usnistgov/macos_security

Apple Platforms Security Concept of the Week:

Private Cloud Compute: https://security.apple.com/blog/private-cloud-compute/




The Berlin Bassline Brief is curated and commentated by Halle Winkler, CEH, Berlin – get in touch if you could use security consulting, fractional AppSec leadership, or team training in the area of iOS and macOS secure development.

Don't miss what's next. Subscribe to The Berlin Bassline Brief:
Older → Berlin Bassline Brief #9: gemini-cli CI injection compromise, Hide My Email (Just Kidding), Repo crawling vuln scanner, new OWASP framework
Halle Winkler on LinkedIn
Powered by Buttondown, the easiest way to start and grow your newsletter.