Supply Chain +72
| Date | Resource | Summary |
|---|---|---|
| 2026-05-16 | Node-ipc supply chain attack targets crypto devs | A malicious actor injected code into the popular Node-ipc package, a tool used by cryptocurrency developers. This compromised version, disguised as a legitimate update, contained a "protester-war" module that targeted developers in Ukraine and Russia. For users outside of these countries, the module would deploy cryptocurrency-mining malware. This incident highlights the vulnerability of software supply chains and the potential for malicious actors to exploit widely used tools to distribute harmful code. |
| 2026-05-16 | OpenAI tells Mac users to update apps after software supply chain attack | OpenAI has urged Mac users to update their applications following a software supply chain attack. Attackers compromised a third-party analytics provider, potentially exposing user data from certain OpenAI applications, including ChatGPT. While OpenAI states that their systems were not directly breached and no sensitive information like conversation history or payment details were compromised, they recommend users update their apps to mitigate any potential risks from this incident. |
| 2026-05-16 | Expired domain leads to supply chain attack on node-ipc npm package | An expired domain used by the popular npm package `node-ipc` was hijacked, leading to a supply chain attack. Attackers used the domain to push malicious code into the package. This code, when installed, would attempt to delete files on macOS and Linux systems and display a protest message. The incident highlights the vulnerability of open-source software supply chains, where even widely used packages can be compromised through seemingly minor issues like domain expiration. Further details on the specific payout are not provided in the content. |
| 2026-05-15 | Two Employee Devices Impacted By TanStack Supply Chain Attack | A supply chain attack impacted two employee devices through the TanStack package. The specific details of the attack and the affected TanStack version were not provided in the content. No bug bounty payout amount was mentioned. |
| 2026-05-15 | OpenAI tells Mac users to update apps after software supply chain attack | OpenAI is advising Mac users to update their applications following a software supply chain attack. The attack targeted a third-party library used by several applications, potentially exposing user data. OpenAI's own ChatGPT desktop app was affected, and they are working with other affected vendors to address the vulnerability. Users are urged to apply any available updates promptly to protect themselves. No specific bounty payout amount was mentioned in the content. |
| 2026-05-15 | OpenAI Warns Mac Users to Update Apps After Supply-Chain Attack | OpenAI has issued a warning to Mac users, advising them to update their applications promptly due to a supply-chain attack. This attack potentially compromised applications downloaded from unauthorized sources or modified by third parties. Users are urged to remove any suspect applications and reinstall them from official sources to mitigate the risk of malware or data theft. The specific payout for reporting this vulnerability was not mentioned. |
| 2026-05-15 | OpenAI tells Mac users to update apps after software supply chain attack | OpenAI has alerted Mac users to update their applications following a software supply chain attack. Attackers compromised a third-party data analytics provider used by OpenAI. This allowed them to gain access to customer data, including names, email addresses, and payment information for some users. OpenAI states that it has no evidence of unauthorized access to their main systems or any impact on ChatGPT or other OpenAI products. Users are advised to update their Mac applications as a precautionary measure. |
| 2026-05-15 | OpenAI Hit by TanStack Supply Chain Attack | OpenAI has been impacted by a supply chain attack originating from TanStack. The attackers gained access to OpenAI's GitHub repositories, compromising sensitive customer data. This breach occurred when an attacker accessed a developer's personal GitHub account, which had access to OpenAI's private repositories. The compromised data includes customer names, email addresses, and payment information for users of OpenAI's services. OpenAI has stated that API keys, credentials, and models were not accessed. No bug bounty payout amount was mentioned. |
| 2026-05-15 | The software supply chain is the new ground zero for enterprise cyber risk. Don't get caught short | The software supply chain is now the primary area of enterprise cyber risk. Organizations are vulnerable to attacks that compromise the integrity of software development and distribution. This includes risks from third-party components, open-source libraries, and the build and deployment processes. Proactive security measures are crucial to mitigate these threats and prevent widespread damage. Failure to address these vulnerabilities leaves businesses exposed to potentially devastating cyber incidents. |
| 2026-05-15 | TanStack Supply Chain Attack Hits Two OpenAI Employee Devices Forces macOS Updates | A supply chain attack targeting TanStack libraries impacted two OpenAI employee devices, forcing macOS updates. The incident highlights vulnerabilities in the software supply chain. While no sensitive data was compromised, the attack prompted OpenAI to implement immediate security measures, including patching affected systems. The exact payout for any bug bounty, if applicable, was not mentioned in the provided content. |
| 2026-05-15 | OpenAI caught in TanStack npm supply chain chaos after employee devices compromised | OpenAI was affected by a supply chain attack targeting the npm package `ui-utils` within the TanStack ecosystem. Malicious code was introduced into the package, which was then downloaded by OpenAI employees whose development environments were compromised. This led to the potential exposure of sensitive information, including API keys and authentication tokens. The issue has been addressed, and OpenAI has rotated compromised credentials and conducted security reviews. |
| 2026-05-15 | OpenAI confirms exposure in recent Shai-Hulud supply-chain attack | OpenAI has confirmed a data exposure incident stemming from the recent Shai-Hulud supply-chain attack. The company acknowledged that a malicious actor gained unauthorized access to a third-party library used by OpenAI's ChatGPT service. This breach resulted in the exposure of certain customer data, including names and email addresses. OpenAI states they are actively investigating the extent of the breach and have taken steps to mitigate the impact. No financial compensation details were provided. |
| 2026-05-15 | node-ipc npm Package Hit by Credential Stealer Attack | The popular npm package `node-ipc` was compromised, with malicious code inserted into its latest versions. This code targets users' personal information, attempting to steal credentials and sensitive data. The compromised versions were distributed via the npm registry, posing a significant risk to developers who had recently updated the package. Users are strongly advised to downgrade to a safe version or remove `node-ipc` entirely to protect their systems and data. No bug bounty payout amount is mentioned in this content. |
| 2026-05-15 | TanStack npm Supply Chain Attack Prompts OpenAI Updates | A TanStack npm supply chain attack has led OpenAI to implement crucial security updates. While the specific vulnerability and its impact on OpenAI are not detailed, the incident highlights the growing threat of malicious code being injected into legitimate software packages. This attack underscores the need for robust security measures in open-source software development and distribution to protect users and their data from compromised dependencies. The nature of the TanStack attack suggests a potential compromise of developer accounts or build processes, allowing attackers to distribute tainted code. |
| 2026-05-15 | OpenAI Says Hackers Stole Limited Data Following Latest Code Security Incident | OpenAI has reported a data breach resulting from unauthorized access to their systems. While hackers gained access, the company states that only limited user data was compromised. The incident involved access to the OpenAI production system. Investigations are ongoing to determine the full scope and impact of the breach. No bug bounty payout amount is mentioned in this content. |
| 2026-05-15 | OpenAI Confirms Security Breach Via TanStack npm Supply Chain Attack | OpenAI has confirmed a security breach resulting from a supply chain attack on the TanStack npm package. Malicious code was injected into a TanStack dependency, which was then used by OpenAI. This breach allowed unauthorized access to some of OpenAI's private customer data. The company has since taken steps to secure its systems and is notifying affected customers. |
| 2026-05-15 | node-ipc npm Package with 822K Weekly Downloads Compromised in Supply Chain Attack | The popular npm package `node-ipc`, downloaded over 822,000 times weekly, has been compromised in a supply chain attack. Malicious code was intentionally injected into the package, affecting users who installed or updated it. This incident highlights a significant security risk within the open-source software ecosystem. Developers are advised to immediately review their dependencies and consider reverting to a previous, uncompromised version of `node-ipc` to mitigate potential harm. Further details regarding the specific malicious payload and its impact are available in the provided link. |
| 2026-05-15 | Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets | A stealer backdoor has been discovered in three versions of the Node-IPC package, versions 10.2.5, 10.2.6, and 11.0.0. This malicious code targets developer secrets, potentially compromising sensitive information. The vulnerability was found by security researcher [Redacted] who reported the issue and confirmed the presence of the backdoor. Users of Node-IPC are strongly advised to update to a secure version as soon as possible to mitigate the risk of their secrets being compromised. No specific payout amount for the bug bounty was mentioned. |
| 2026-05-15 | OpenAI says no user data compromised after supply-chain attack | OpenAI has confirmed that no user data was compromised following a recent supply-chain attack. The incident involved a malicious actor gaining access to a third-party vendor's tools, which in turn had access to OpenAI's systems. While the attackers could view certain customer information, including names, emails, and payment details of some users, OpenAI states that no sensitive data like passwords or full credit card numbers were accessed. The company has since revoked the vendor's access and is working to prevent similar incidents in the future. |
| 2026-05-14 | OpenAI Tells Mac Users to Update Apps After Software Supply Chain Attack | OpenAI macOS users are being asked to update following a software supply chain attack via malicious TanStack npm packages. The attack, attributed to TeamPCP, leveraged three chained vulnerabilities to distribute credential-stealing malware. OpenAI's investigation found that employee devices had installed affected versions, leading to compromised internal source code repositories containing signing certificates. As a precaution, OpenAI is rotating code-signing certificates, necessitating updates for macOS applications to prevent potential distribution of fake OpenAI products. |
| 2026-05-14 | Active Supply Chain Attack: Malicious node-ipc Versions Published to npm | Details of the node-ipc supply chain attack, in which malicious versions 9.1.6, 9.2.3, and 12.0.1 were published to npm. The attack, executed by a rogue maintainer, injected into the CommonJS bundle an obfuscated payload designed to steal over 90 categories of credentials and exfiltrate them to an attacker-controlled server. Version 12.0.1 includes a specific targeting gate based on the module's file path hash. |
| 2026-05-14 | OpenAI asks macOS users to update after TanStack npm supply chain attack | Library for securing applications against supply chain attacks, exemplified by the TanStack npm compromise. This incident involved credential stealers and self-propagation targeting popular npm, PyPI, and other packages, impacting companies like OpenAI and Mistral AI. The attack, attributed to TeamPCP, highlights the risks associated with interconnected software ecosystems and the need for rigorous security controls to validate legitimate software and prevent unauthorized modifications. |
| 2026-05-14 | OpenAI Contained Credential Theft After TanStack Supply-Chain Attack Sees No User Data Impact | OpenAI recently addressed a supply-chain attack targeting TanStack, a developer tool. The attackers successfully gained access to a TanStack dependency, potentially leading to credential theft. However, OpenAI's security measures successfully contained the exploit, and they confirmed that no user data was impacted. The incident highlights the risks associated with supply-chain vulnerabilities, even when user data remains secure. |
| 2026-05-14 | OpenAI confirms security breach in TanStack supply chain attack | The TanStack supply chain attack, also known as Mini Shai-Hulud, impacted hundreds of npm and PyPI packages and led OpenAI to confirm a breach on two employee devices. While no customer data or production systems were compromised, attackers exfiltrated limited credentials from internal repositories, prompting OpenAI to rotate code-signing certificates for its applications. The campaign utilized compromised GitHub Actions workflows and CI/CD configurations to inject malicious code and publish trojanized package versions, targeting developer and cloud credentials, including GitHub tokens and AWS credentials, and establishing persistence via modified code hooks. |
| 2026-05-14 | OpenAI says hackers stole some data after latest code security issue | Writeup detailing OpenAI's incident where hackers compromised TanStack, a popular open-source library, leading to the theft of credentials from two employee devices. The attack involved malicious updates to TanStack, designed to steal credentials and self-propagate, similar to past supply-chain attacks on projects like Axios and Daemon Tools. While OpenAI reported no compromise of production systems or user data, limited internal source code repositories were accessed, prompting credential rotation. |
| 2026-05-14 | OpenAI denies user data exposure from TanStack npm Mini Shai-Hulud supply chain attack | The "Mini Shai-Hulud" campaign comprised malicious packages, including those affecting TanStack npm and targeting OpenAI devices. This supply chain attack exploited GitHub Actions to distribute 84 malicious versions across 42 TanStack libraries, aiming to steal credentials like GitHub tokens and cloud keys. While OpenAI confirmed two employee devices were compromised, they found no evidence of user data exposure or intellectual property theft, though some credential material was accessed. |
| 2026-05-14 | npm Supply Chain Attack Targets GitHub AWS and Kubernetes Credentials | A supply chain attack has compromised npm, a popular JavaScript package manager. Threat actors injected malicious code into the `event-stream` package, a dependency used by numerous projects. This malicious code was designed to steal sensitive credentials for GitHub, AWS, and Kubernetes. While the exploit was discovered and mitigated, it highlights the significant risks associated with supply chain attacks and the importance of robust security practices for open-source software. |
| 2026-05-14 | AI-driven supply chain attacks expose shift in cyber threat model Beazley warns | Analysis of AI-driven supply chain attacks highlights a new cyber threat model where attackers exploit trusted software and automation systems, moving beyond malware to focus on credential compromise and workflow exploitation. This shift, detailed by Beazley, signifies an evolving attacker methodology. Access to the full analysis requires a paid subscription or a free trial. |
| 2026-05-14 | TeamPCP and BreachForums Launch $1000 Contest for Supply Chain Attacks | TeamPCP and BreachForums have launched a $1,000 contest focused on supply chain attacks. This initiative aims to encourage researchers and hackers to identify vulnerabilities within software supply chains. The contest highlights the growing concern around the security of software dependencies and the potential for compromise at various stages of the development and distribution process. The $1,000 prize underscores the value placed on discovering and reporting these critical security flaws. |
| 2026-05-14 | Axios breach shows why software supply chains need zero trust | Library for securing software supply chains, emphasizing zero-trust principles following the Axios breach. This event, where compromised maintainer accounts introduced RATs into npm packages, mirrors Business Email Compromise (BEC) attacks by exploiting trusted identities. Recommendations include enforcing phishing-resistant MFA for publishing accounts, utilizing OIDC tokens over long-lived credentials, disabling or auditing lifecycle scripts like `postinstall`, and implementing pipeline-level zero trust to isolate build environments and limit the impact of compromised dependencies. |
| 2026-05-14 | Inside a Tor Backed Supply Chain Worm | Library for detecting sophisticated npm supply chain attacks, featuring the `crypto-javascri` package that mimics `crypto-js`. This malicious package harvests npm and GitHub credentials, hijacks maintainer accounts to republish trojanized packages, and deploys a Tor-based command-and-control implant. The worm targets Linux developer systems and CI/CD environments, propagating by injecting itself into legitimate packages and updating their versions. |
| 2026-05-14 | Mistral AI allegedly breached by Dune-loving criminals following TanStack supply chain hit 450 repositories exposed | Mistral AI is reportedly the latest victim of a cyberattack following the recent TanStack supply chain incident. Threat actors, described as "Dune-loving criminals," are alleged to have breached Mistral AI, exposing 450 of its repositories. This attack highlights a growing trend of supply chain compromises targeting prominent tech companies. No bounty payout amount is mentioned in the provided content. |
| 2026-05-14 | OpenAI Confirms No User Data Stolen in TanStack Supply-Chain Attack | OpenAI has confirmed that no user data was compromised during a recent supply-chain attack targeting TanStack. The attack involved malicious code being injected into the `tanstack-query` package, a popular JavaScript library. While the code was designed to steal user data, OpenAI's security measures effectively detected and prevented any data exfiltration. The company emphasizes that its users' information remains secure. No bounty amount is mentioned in this content. |
| 2026-05-14 | Malicious Open Source npm Packages Breach OpenAI Employee Devices - Open Source For You | Writeup of the "Mini Shai-Hulud" campaign, detailing how attackers compromised two OpenAI employee devices by uploading 84 malicious versions across 42 @tanstack/* npm packages. Exploiting GitHub Actions and CI/CD cache weaknesses, these packages were designed to steal GitHub tokens, cloud API keys, npm credentials, and CI/CD secrets, impacting projects from Mistral AI and UiPath. |
| 2026-05-14 | Analyzing TeamPCPs Supply Chain Attacks: Checkmarx KICS and elementary-data in CI/CD Credential Theft | Analysis of TeamPCP's supply chain attacks, specifically the Checkmarx KICS and elementary-data incidents. The campaign leverages CI/CD and release workflows to steal credentials like GitHub PATs, npm tokens, and cloud secrets. Techniques include multichannel poisoning across Docker Hub, VS Code extensions, and GitHub Actions, as well as GitHub Actions script injection to produce malicious packages signed by legitimate CI, targeting ecosystems like PyPI and GHCR. |
| 2026-05-14 | Shai-Hulud Malware Exposes Future Supply Chain Risks | Shai-Hulud is a newly discovered malware that poses significant future supply chain risks. It's designed to target development environments and compromise the software supply chain. The malware operates stealthily, aiming to inject malicious code into software projects before they are distributed. This could lead to widespread infections of end-user systems. Researchers have identified Shai-Hulud as a sophisticated threat requiring immediate attention to mitigate its potential impact on software integrity and security. No bounty payout amount is mentioned in the provided content. |
| 2026-05-14 | OpenAI says two employee devices hit by TanStack malware attack but no user data breached | OpenAI reported a malware attack affecting two employee devices due to a compromised dependency, TanStack. The company stated that no user data was accessed or breached as a result of the incident. The attackers gained access to employee tools, but OpenAI confirmed their systems have been secured and a thorough investigation is underway. No bug bounty payout amount was mentioned. |
| 2026-05-14 | DAEMON Tools installers hacked in global supply chain attack | DAEMON Tools installers were compromised in a global supply chain attack. Attackers inserted malicious code into the software's legitimate installers, which were then distributed to users. This allowed the attackers to gain unauthorized access to systems. The exact payout amount for any bug bounty related to this incident is not specified in the provided content. |
| 2026-05-14 | OpenAI says no user data stolen after supply-chain hackers accessed employee devices | Writeup detailing a supply-chain attack impacting OpenAI via the TanStack npm library. Attackers exploited GitHub Actions and CI/CD cache weaknesses to publish malicious package versions designed to exfiltrate developer credentials like GitHub tokens and API keys. While OpenAI reported unauthorized access and limited credential exfiltration from two employee devices, they found no evidence of user data, production systems, or intellectual property compromise. This incident highlights renewed concerns about open-source software security, particularly within the npm ecosystem. |
| 2026-05-14 | TanStack Mistral AI UiPath targeted in major supply chain attack compromising 170 packages | Analysis of the "Mini Shai-Hulud" supply chain attack, which compromised over 170 npm and PyPI packages from vendors including TanStack, Mistral AI, and UiPath. This attack leveraged GitHub Actions vulnerabilities, cache poisoning, and OpenID Connect abuse to deploy a credential-stealing worm targeting Web2 and Web3 infrastructure. The worm aimed to harvest cloud and developer credentials and propagate through dependency chains. |
| 2026-05-14 | TanStack Mistral AI UiPath targeted in major supply chain attack compromising 170 packages | A significant supply chain attack has impacted over 170 software packages, affecting prominent entities like TanStack, Mistral AI, and UiPath. The incident highlights the growing vulnerability of software supply chains to malicious actors. Details on the specific exploit or the extent of the compromise were not immediately available in the provided content. The attack underscores the critical need for enhanced security measures in the development and distribution of software libraries and dependencies. |
| 2026-05-14 | Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply Chain | A new worm, dubbed "Mini Shai-Hulud" by researchers, is actively infecting the software supply chain. This malware targets developers, aiming to compromise their development environments and potentially inject malicious code into legitimate software projects. The worm's propagation methods and specific targets are still under investigation, but its presence signifies a growing threat to the integrity of software development and distribution. Organizations are advised to enhance their security protocols and vigilance against such supply chain attacks. |
| 2026-05-13 | RubyGems pauses new account sign-ups amid major malicious attack | RubyGems.org has paused new account registrations due to a significant malicious attack. Hundreds of packages are impacted, with some containing exploits, highlighting a growing trend of software supply chain attacks against open-source ecosystems. Mend.io is involved in securing RubyGems and will release more details once the situation is under control. This event occurs amidst an increase in attacks where threat actors compromise widely used packages to distribute malware, including credential-stealing variants. |
| 2026-05-13 | Mass Supply-Chain Attack Slams npm and PyPi Hits Mistral AI | Library for securing supply chains against the "Mini Shai-Hulud" worm, which has targeted npm and PyPI packages, including those from Mistral AI. This worm autonomously spreads by stealing credentials from over 100 locations, including cloud platforms and developer tools, and can include a wiper payload. Recommendations include implementing code cooldown periods before integrating new packages, enforcing multifactor authentication, and routine key rotation to mitigate these attacks. |
| 2026-05-13 | Mass Supply-Chain Attack Slams npm and PyPi Hits Mistral AI | Library for detecting and defending against supply-chain attacks, exemplified by the Mini Shai-Hulud worm that targeted npm and PyPI packages, including those from Mistral AI and TanStack. This malware family, known for credential stealing and wiper capabilities, spreads autonomously by compromising publish tokens and includes country-aware logic. Defense strategies include implementing code cooldown periods before package integration and enforcing multifactor authentication across developer accounts. |
| 2026-05-13 | Risky Bulletin: RubyGems disables sign-ups after attack on staff | Newsletter summarizing recent application security incidents, including the RubyGems supply chain attack involving malicious packages targeting developers, the TanStack framework's compromise affecting hundreds of npm libraries with a self-propagating worm, and Skoda's web store vulnerability exposing customer data. It also touches on the Nitrogen ransomware group claiming responsibility for a Foxconn hack, West Pharmaceutical experiencing a ransomware attack, and Vodafone source code leaks by Lapsus$. |
| 2026-05-13 | Mistral AI and TanStack hit in supply chain attack with SLSA-attested malware | Mistral AI and TanStack were targeted in a supply chain attack involving malware that was SLSA-attested. This means the malware's provenance was verified through SLSA (Supply-chain Levels for Software Artifacts), a framework designed to ensure the integrity of software development and distribution. The attack highlights a sophisticated method of malware deployment, leveraging trusted attestation to potentially bypass security measures and compromise users of these popular software projects. Further details on the attack's scope and impact are provided in the article. |
| 2026-05-12 | Mini Shai-Hulud malware compromises open-source packages | The Mini Shai-Hulud malware is targeting open-source packages. It's designed to steal sensitive information, including credentials and API keys, from infected systems. The malware achieves its distribution by compromising legitimate open-source projects, making it difficult to detect. Users are advised to exercise caution when updating or installing open-source software and to maintain vigilance against potential security threats. No specific bounty payout amount was mentioned in this content. |
| 2026-05-12 | Mini Shai-Hulud malware compromises hundreds of open-source packages in sprawling supply-chain attack | Library for detecting credential-stealing malware like "mini Shai-Hulud" that compromises open-source packages including TanStack and UiPath. This malware exploits automated software publishing, bypassing two-factor authentication and using cryptographically valid signatures. It targets cloud infrastructure like AWS, Google Cloud, and Kubernetes, stealing security keys and passwords via obfuscated payloads disguised as initialization modules. The campaign uses Bun for exfiltration via anonymous messaging and embeds itself in developer tools such as VS Code and Anthropic's Claude Code, highlighting vulnerabilities in CI/CD pipelines and developer tooling directories. |
| 2026-05-12 | Mini Shai-Hulud attack compromises hundreds of npm PyPI packages | Writeup of the Mini Shai-Hulud supply chain attack, which exploited OpenID Connect (OIDC) tokens to compromise hundreds of npm and PyPI packages, including TanStack, Mistral AI, Guardrails AI, UiPath, and OpenSearch. This technique bypasses SLSA Build Level 3 attestations and static scanning by weaponizing trust and executing payloads via the Bun runtime, enabling credential theft from developer environments and CI/CD pipelines. Remediation involves identifying and rotating compromised credentials. |
| 2026-05-12 | Mistral AI SDK TanStack Router hit in npm software supply chain attack | Writeup of a software supply chain attack targeting numerous npm and PyPI packages, including Mistral AI's SDK and the TanStack Router ecosystem. The TeamPCP threat group exploited GitHub Actions weaknesses and maintainer misconfigurations, leveraging the Mini Shai-Hulud malware to steal developer credentials and install a destructive 'dead man's switch' component. The attack highlights vulnerabilities in implicit trust within software usage networks and affects hundreds of packages, potentially compromising enterprise credentials. |
| 2026-05-12 | Shai-Hulud Here We Go Again: 170 Packages Hit Across npm & PyPi | Library for detecting and mitigating the "Shai-Hulud: Here We Go Again" malware, which targets npm and PyPi. This self-propagating credential-stealing malware has affected over 170 packages, including those from Mistral AI, OpenSearch Project, and TanStack, impacting hundreds of millions of downloads. The variant includes token monitoring and a machine wipe function triggered upon token revocation, and exfiltrates stolen credentials to GitHub repositories. Immediate actions recommended include rotating keys, enabling 2FA, and downgrading affected packages. |
| 2026-05-12 | TanStack npm Packages Hit by Mini Shai-Hulud | The Mini Shai-Hulud supply chain attack compromised @tanstack npm packages, leading to the publication of 84 malicious artifacts. This incident, attributed to TeamPCP, marks the first documented case of malicious npm packages possessing valid SLSA provenance, achieved by hijacking the legitimate release pipeline via a `pull_request_target` vulnerability, cache poisoning, and OIDC token extraction. Affected packages include `@tanstack/react-router`, with remediation involving treating affected install environments as compromised and rotating secrets. |
| 2026-05-12 | RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded | Writeup detailing the recent suspension of new signups by RubyGems, the Ruby programming language's standard package manager, due to a "major malicious attack." Hundreds of malicious packages were uploaded, some containing exploits. This incident highlights the rising threat of software supply chain attacks against open-source ecosystems, with threat actors like TeamPCP compromising popular packages to distribute credential-stealing malware. Mend.io, securing RubyGems, intends to release further details once the incident is contained. |
| 2026-05-12 | SailPoint Discloses GitHub Repository Hack | Writeup of SailPoint's GitHub repository hack, which occurred April 20th and resulted from a third-party application vulnerability. SailPoint contained the incident swiftly, with a cybersecurity firm's investigation finding no evidence of production or staging data compromise or service interruption. Affected customers in the accessed repositories were notified, with no further action currently required. The specific vulnerability and threat actor remain undisclosed, with no confirmed link to TeamPCP. |
| 2026-05-12 | Compromised Mistral AI and TanStack packages may have exposed GitHub cloud and CI/CD credentials in 'mini Shai Hulud' malware infection supply-chain campaign spreads across npm and AI developer ecosystems like wildfire | Analysis of the "Mini Shai-Hulud" campaign reveals compromised Mistral AI and TanStack packages on npm and PyPI. Version 2.4.6 of the mistralai PyPI package injected malicious code that executed on import, downloading a credential-stealing payload disguised as transformers.pyz. Affected TanStack packages include @tanstack/react-router, @tanstack/history, and @tanstack/router-core. Developers are urged to rotate GitHub tokens, npm credentials, and CI/CD secrets due to the potential exposure of cloud and CI/CD credentials. |
| 2026-05-12 | How AI Can Detect Lateral Movement in Supply Chain Attacks | This content likely discusses how Artificial Intelligence (AI) can be employed to identify lateral movement within supply chain attacks. Lateral movement is a critical phase where attackers expand their access within a compromised network. AI's capabilities in analyzing large datasets and detecting anomalous patterns would be key to spotting these advanced persistent threats. The focus is on leveraging AI to enhance security defenses against sophisticated attacks that exploit the interconnectedness of supply chains. |
| 2026-05-12 | TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack | Libraries compromised by the authors of the Mini Shai-Hulud supply chain attack to steal developer credentials, API keys, and secrets. The attack targeted over 170 packages across npm and PyPI, including TanStack, Mistral AI, and UiPath. Attackers exploited vulnerabilities in GitHub Actions OIDC tokens and cache poisoning to publish malicious packages with forged SLSA provenance, making them appear legitimate. The malware harvested sensitive data through multiple exfiltration channels, including a decentralized Session network. |
| 2026-05-12 | Hundreds of open source packages hacked: "I'm just not gonna run npm install anymore" | Hundreds of open source packages hacked: “I’m just not gonna run npm install anymore” https://ift.tt/rDlQGUa |
| 2026-05-12 | Checkmarx Jenkins AST Plugin Compromised in KICS Supply Chain Attack | Checkmarx Jenkins AST Plugin Compromised in KICS Supply Chain Attack https://ift.tt/5VXPZUo |
| 2026-05-12 | Claude Code MCP Attack Enables Persistent Token Theft | Analysis of a Claude Code MCP attack reveals a sophisticated MitM technique that abuses integrations to steal OAuth tokens, enabling persistent access to connected SaaS platforms. The attack leverages malicious npm postinstall hooks to silently rewrite the `~/.claude.json` configuration file, redirecting traffic through attacker-controlled proxies. This method is difficult to detect as compromised OAuth sessions appear legitimate in audit logs and token rotation alone is insufficient. Organizations should implement layered controls focusing on configuration monitoring, OAuth security, and software supply chain governance. |
| 2026-05-11 | JDownloader website compromised to distribute malicious installers | Library for detecting supply chain attacks; this entry details a compromise of the JDownloader website where attackers used an unpatched CMS vulnerability to distribute malicious Windows and Linux installers. The Windows payload deployed a Python RAT, while the Linux installer injected code to establish persistence. JDownloader confirmed the breach, advising users to verify digital signatures for "AppWork GmbH" and recommending OS reinstallation for affected individuals. |
| 2026-05-11 | AI Is Reshaping Software Supply Chain Risk | Analysis of AI's impact on software supply chain security highlights expanding attack surfaces due to AI-assisted development, with 84% of developers using AI tools. Traditional security controls like EDR and MDM lack visibility into AI integrations, browser extensions, and package managers. This leads to increased risk from malicious open-source packages, with Aikido Intel identifying up to 100,000 daily. Organizations require real-time visibility and install-time controls for developer tooling, as compromised workstations grant attackers trusted access to repositories and credentials. |
| 2026-05-11 | TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack | Writeup of TeamPCP's compromise of the Checkmarx Jenkins AST plugin, occurring weeks after their KICS supply chain attack. This incident highlights the exploitation of software supply chain trust and the potential for incomplete remediation, as evidenced by the defaced GitHub repository and malicious updates to the plugin. The ongoing attacks by TeamPCP underscore the persistent threat to developer tools and credentials. |
| 2026-05-11 | Build Application Firewalls Aim to Stop the Next Supply Chain Attack | Library from InvisiRisk, a build application firewall (BAF), enforces policy during the CI/CD build process by inspecting package activity rather than solely scanning code. This approach aims to prevent supply chain attacks, such as those involving the SolarWinds breach or hijacked npm libraries like Axios, by detecting unexpected or malicious actions within the build environment. The BAF, along with InvisiRisk's TruSBOM tool, provides detailed explanations for risky actions and generates accurate SBOMs by directly observing the software build process, offering a robust defense against evolving threats. |
| 2026-05-11 | Checkmarx Jenkins AST Plugin Compromised in Supply Chain Attack | Plugin version 2.0.13-829.vc72453fa_1c16 of the Checkmarx Jenkins AST plugin is the secure version, after a malicious iteration was published to the Jenkins Marketplace. This compromise, attributed to the TeamPCP hacker gang and potentially the Lapsus$ extortion group, stems from a wider supply chain attack impacting Checkmarx's repositories since March, following a Trivy supply chain incident. |
| 2026-05-11 | Checkmarx tackles another TeamPCP intrusion as Jenkins plugin sabotaged | Analysis of a TeamPCP intrusion targeting a Jenkins plugin, highlighting the evolving landscape of supply chain attacks. This incident underscores the risks associated with untrusted agentic development layers and the growing threat of AI agent skills being exploited for malicious purposes, mirroring concerns around identity-based cyber resilience and the black market for compromised identities. |
| 2026-05-11 | Malicious Hugging Face model masquerading as OpenAI release hits 244K downloads | Library of techniques for defending against malicious Hugging Face models masquerading as legitimate OpenAI releases. This incident highlights the emerging threat of AI repositories as a software supply chain attack vector, with one model, Open-OSS/privacy-filter, reaching 244,000 downloads before removal. The attack involved a malicious loader.py script that delivered infostealer malware targeting browser credentials, cryptocurrency wallets, and system information, bypassing traditional security controls and suggesting links to npm typosquatting and PyPI campaigns. |
| 2026-05-11 | Checkmarx tackles another TeamPCP intrusion as Jenkins plugin sabotaged | Library that detects and mitigates supply chain attacks targeting CI/CD pipelines, as demonstrated by Checkmarx's response to an intrusion involving a sabotaged Jenkins plugin used by TeamPCP. The article highlights the increasing risks associated with untrusted agentic development layers and the potential for AI agent skills to be exploited for supply chain compromise. |
| 2026-05-11 | Responsible for Systems You Can't See: A C-Suite Guide to AI Supply Chain Risk | Guide for C-suites on AI supply chain risk, highlighting attacks on LiteLLM and axios, which exploited trusted open-source workflows. It emphasizes that AI expands and obscures the attack surface, making executives accountable for systems and dependencies they cannot fully see, audit, or control, necessitating a shift to ecosystem security and continuous dependency monitoring rather than assuming trust. |
| 2026-05-10 | Supply Chain Attack: Fake OpenAI Repository on Hugging Face Distributes Infostealer Malware Targeting Developers and AI Tools | Library of techniques detailing a supply chain attack involving a fake OpenAI repository on Hugging Face that distributed an infostealer malware. The malware targeted developers by exfiltrating credentials, session tokens, and cryptocurrency wallets from Chromium and Gecko browsers, Discord tokens, and local files. The attack leveraged typosquatting, social engineering, and evasion tactics like disabling SSL verification and checking for VMs, mapping to MITRE ATT&CK techniques such as T1566 (Phishing) and T1555 (Credentials from Password Stores). |
| 2026-05-10 | Official JDownloader site served malware to Windows and Linux users between May 6 and May 7 | Writeup of a supply chain attack on the JDownloader official website, which occurred between May 6 and May 7, 2026. Attackers compromised the site's content management system, altering download links to serve malware instead of legitimate Windows "Alternative Installer" and Linux shell installers. The deployed malware was a Python-based remote access trojan (RAT). Legitimate installers were digitally signed by "AppWork GmbH," while malicious ones were unsigned or signed by suspicious entities like "Zipline LLC" or "The Water Team." The website was taken offline for investigation and remediation, with correct installer links restored. |
RCE +60
| Date | Resource | Summary |
|---|---|---|
| 2026-05-15 | A remote code execution vulnerability has been discovered in NGINX; the affected versions are listed below. | A critical remote code execution (RCE) vulnerability has been identified in NGINX. The specific affected versions are detailed in the provided link. This vulnerability could allow attackers to execute arbitrary code on compromised systems. Further details and mitigation strategies are available via the link. |
| 2026-05-15 | Amazon Redshift JDBC Driver Flaws Enable Remote Code Execution | Amazon Redshift JDBC Driver Flaws Enable Remote Code Execution https://ift.tt/dWiYtcb |
| 2026-05-15 | Nginx Remote Code Execution Vulnerability (CVE-2026-42945) Notice | Nginx has a critical remote code execution (RCE) vulnerability, tracked as CVE-2026-42945. This flaw allows attackers to execute arbitrary code on affected Nginx servers. The exact impact and exploitability details are still emerging, but it represents a significant security risk for websites and applications relying on Nginx. Users are advised to monitor official Nginx advisories for patches and mitigation strategies. No bug bounty payout amount is mentioned in this notice. |
| 2026-05-15 | Google Chrome Multiple Vulnerabilities | Writeup detailing multiple vulnerabilities in Google Chrome, affecting versions prior to 148.0.7778.167 (Linux) and 148.0.7778.167/168 (Mac/Windows). Exploitation of these CVEs, including CVE-2026-8509 through CVE-2026-8587, could lead to remote code execution, denial of service, security restriction bypass, spoofing, cross-site scripting, and information disclosure. Users are advised to update to the patched versions. |
| 2026-05-14 | Critical NGINX Rift vulnerability discovered present for 18 years | Writeup of CVE-2026-42945, NGINX Rift, a critical heap buffer overflow vulnerability in NGINX Plus and Open Source affecting versions 0.6.27 through 1.30.0 and R32 through R36. Triggered by specific rewrite directives with unnamed PCRE capture groups and a question mark in the replacement string, exploitation can lead to remote code execution or denial-of-service. Patches were released April 21, 2026. |
| 2026-05-14 | AI agent finds 18-year-old remote code execution flaw in Nginx | Tool for finding vulnerabilities: this LLM-powered system discovered four bugs in Nginx, including CVE-2026-42945, a critical heap buffer overflow in the `ngx_http_rewrite_module` that allows for remote code execution by exploiting specific rewrite directive configurations. This flaw, impacting Nginx versions 0.6.27 to 1.30.0 and Nginx Plus, was patched in later releases. Additional vulnerabilities CVE-2026-42946, CVE-2026-42934, and CVE-2026-40701 were also identified, leading to denial of service, memory leaks, or data modification. |
| 2026-05-14 | CVE-2026-42945: Critical NGINX Rewrite Flaw | Writeup detailing CVE-2026-42945, an 18-year-old heap buffer overflow in NGINX's ngx_http_rewrite_module. This critical vulnerability, also known as NGINX Rift, affects NGINX Open Source (0.6.27-1.30.0) and NGINX Plus (R32-R36), enabling denial of service or potential remote code execution via crafted HTTP requests. Exploitation occurs when rewrite directives use unnamed PCRE captures with a replacement string containing a question mark, followed by specific other directives. Mitigation involves upgrading to patched versions or temporarily replacing unnamed captures with named ones. |
| 2026-05-14 | Critical Canon MailSuite Vulnerability Enables Remote Code Execution Attacks | A critical vulnerability has been discovered in Canon MailSuite software that allows attackers to execute arbitrary code remotely. This means malicious actors could potentially take control of affected systems by exploiting this flaw. Further details on the vulnerability and its impact are available at the provided link. No bug bounty payout amount is mentioned in the content. |
| 2026-05-14 | Critical Windows DNS Client Flaw Enables Remote Code Execution | A critical vulnerability in the Windows DNS client allows for remote code execution, meaning attackers can potentially gain control of a user's computer without any interaction. This is achieved by sending specially crafted DNS responses. The flaw is present in various Windows versions, and Microsoft has released security updates to address it. Users are strongly advised to install these updates promptly to protect their systems from this severe threat. |
| 2026-05-14 | Critical MongoDB Vulnerability Allow Attackers to Execute Arbitrary Code | A critical vulnerability has been discovered in MongoDB that allows attackers to execute arbitrary code on affected systems. This significant security flaw poses a serious risk to data confidentiality and system integrity. Users are strongly advised to update their MongoDB installations to the latest patched version immediately to mitigate this threat. Further details on the exploit are available through the provided link. |
| 2026-05-14 | ThreatsDay Bulletin: PAN-OS RCE Mythos cURL Bug AI Tokenizer Attacks and 10 Stories | Library for threat intelligence, detailing exploited PAN-OS RCE (CVE-2026-0300) with EarthWorm and ReverseSocks5 payloads, private AI chats leveraging Trusted Execution Environments for Meta AI, a zero-auth data leak impacting Schemata's AI training platform, the FCC's router update deadline extension, Operation GriefLure's APT phishing targeting Vietnam and Philippines with RATs, a multi-stage intrusion using weaponized PowerShell disguised as JPEGs for ConnectWise ScreenConnect, an aid-themed infostealer using LNK files and Python implants, GhostLock's PoC demonstrating denial of file access via SMB share locking, AI scan results for cURL identifying a low-severity bug, and an MoU between Indian agencies for fraud-risk intelligence sharing. |
| 2026-05-14 | 18-year-old NGINX vulnerability allows DoS, potential RCE | Library for detecting CVE-2026-42945, an 18-year-old heap buffer overflow in NGINX's ngx_http_rewrite_module, which can lead to denial of service and, under specific conditions like disabled ASLR, remote code execution. This flaw, affecting versions 0.6.27 through 1.30.0, arises from inconsistent state handling during URI processing when 'rewrite' and 'set' directives are used together. The library would likely target this vulnerability and potentially the three other memory corruption issues (CVE-2026-42946, CVE-2026-40701, CVE-2026-42934) discovered alongside it. |
| 2026-05-14 | Critical Exim vulnerability allows remote code execution | Writeup of CVE-2026-45185, a critical use-after-free vulnerability in the Exim mail transfer agent impacting versions prior to 4.99.3 that use GnuTLS with STARTTLS and CHUNKING enabled. This flaw allows unauthenticated remote attackers to execute arbitrary code by exploiting a condition during the TLS shutdown process with chunked SMTP traffic. OpenSSL builds are unaffected. The vulnerability, discovered by Federico Kirschbaum, has a fix available in Exim 4.99.3. |
| 2026-05-14 | Windows DNS Client Security Flaw Exposes Systems to Remote Code Execution | A critical security vulnerability has been discovered in the Windows DNS client that could allow remote attackers to execute arbitrary code on affected systems. The flaw, known as CVE-2023-38038, is a remote code execution vulnerability. While the article mentions a critical severity, no specific bug bounty payout amount is stated. This vulnerability requires attackers to trick users into visiting a malicious website or opening a malicious file to exploit. Microsoft has released security updates to address this issue. |
| 2026-05-14 | New Exim Vulnerability Enables Arbitrary Code Execution Attacks | A critical vulnerability in Exim, a widely used Mail Transfer Agent, has been discovered. This flaw allows attackers to achieve arbitrary code execution on affected systems. The vulnerability, detailed in a recent report, could enable malicious actors to compromise servers running Exim. No specific payout amount for reporting this bug was mentioned in the provided content. |
| 2026-05-14 | Critical Exim Mailer Flaw Enables Remote Code Execution Attacks | A critical vulnerability has been discovered in Exim Mailer, a widely used mail transfer agent. This flaw allows for remote code execution, meaning attackers can potentially run unauthorized code on affected servers without any user interaction. This is a serious security risk, as it could enable a variety of malicious activities, including data theft, server takeovers, and the spread of malware. Organizations using Exim are strongly advised to update their software to the latest version to patch this vulnerability and protect their systems. No bounty payout amount is mentioned in the provided content. |
| 2026-05-14 | PoC Released for 18-Year-Old NGINX Flaw Allowing Remote Code Execution | A proof-of-concept (PoC) exploit has been released for an 18-year-old vulnerability in NGINX that allows for remote code execution. This discovery highlights the persistent risk of older, unpatched software. The PoC's public availability increases the urgency for users to update their NGINX instances to mitigate potential exploitation. No bounty payout amount is mentioned in the provided content. |
| 2026-05-14 | 18-Year-Old NGINX Flaw Enables Remote Code Execution Attacks | An 18-year-old vulnerability in NGINX has been discovered that could allow remote code execution (RCE). This flaw, present for nearly two decades, impacts how NGINX handles certain HTTP requests. Attackers could exploit this weakness to gain unauthorized control over affected servers. While the article mentions the discovery of the flaw, it does not specify any bug bounty payout amounts. |
| 2026-05-14 | Windows DNS Client Vulnerability Enables Remote Code Execution Attacks | A critical vulnerability in the Windows DNS Client allows for remote code execution (RCE). Attackers can exploit this flaw by sending specially crafted DNS responses to trigger the vulnerability. This could enable attackers to gain control of a victim's system without any user interaction. The vulnerability affects multiple Windows versions. Further details and mitigation strategies are available via the provided link. |
| 2026-05-14 | New MongoDB Vulnerability Risks Remote Code Execution | A critical vulnerability has been discovered in MongoDB that could allow attackers to achieve remote code execution. This flaw specifically affects MongoDB versions 6.0.4 and earlier, and 5.0.15 and earlier. The vulnerability stems from insufficient validation of database names, enabling attackers to exploit this weakness. MongoDB has released patches to address this security risk, urging users to update their systems immediately. |
| 2026-05-14 | Critical 18-Year-Old NGINX Vulnerability Enables Remote Code Execution Attacks | Writeup detailing CVE-2026-42945, an 18-year-old NGINX vulnerability in the `ngx_http_rewrite_module` that enables unauthenticated remote code execution. Triggered by a state mismatch in the two-pass script engine when `rewrite` and `set` directives are used together, particularly with a question mark in the `rewrite` directive, it leads to a heap buffer overflow. Researchers developed an RCE exploit chaining heap manipulation and structure spraying, affecting various F5/NGINX products. Immediate upgrades to NGINX 1.30.1 or 1.31.0 are recommended. |
| 2026-05-14 | Critical 18-Year-Old NGINX Vulnerability Enables Remote Code Execution Attacks | An 18-year-old NGINX vulnerability has been discovered, posing a critical risk of remote code execution (RCE) attacks. This allows attackers to potentially gain full control of affected servers. The vulnerability's long-standing presence highlights a significant security oversight. Further details on the specific exploit and its impact are available via the provided link. |
| 2026-05-14 | Critical NGINX exploit: hackers can crash servers, run remote code without authentication | A critical vulnerability has been discovered in NGINX, a popular web server. Attackers can exploit this flaw to crash servers and execute remote code without needing any authentication. This means unauthenticated users could potentially gain control of compromised servers. The severity of this exploit poses a significant risk to systems running NGINX. |
| 2026-05-14 | 18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE | Writeup detailing CVE-2026-42945, a critical heap buffer overflow vulnerability in NGINX's `ngx_http_rewrite_module`, codenamed NGINX Rift. This 18-year-old flaw, discovered by depthfirst, allows unauthenticated remote code execution or denial-of-service through crafted HTTP requests, particularly when using unnamed PCRE captures with a question mark in rewrite directives. The writeup also covers related vulnerabilities: CVE-2026-42946 (excessive memory allocation), CVE-2026-40701 (use-after-free), and CVE-2026-42934 (out-of-bounds read). |
| 2026-05-14 | Critical SandboxJS Escape Vulnerability Enables Host Takeover | A critical vulnerability has been discovered in SandboxJS, a JavaScript sandbox environment. This exploit allows attackers to escape the sandbox, potentially leading to a complete takeover of the host system. The vulnerability's nature suggests it could compromise the security of applications relying on SandboxJS for isolation. Further details on the exploit's specifics and impact are available via the provided link. No bounty payout amount is mentioned. |
| 2026-05-14 | SAP Rushes Emergency Security Updates For Critical Commerce Cloud & S/4HANA Vulnerabilities | SAP has released emergency security updates to address critical vulnerabilities in its Commerce Cloud and S/4HANA software. These vulnerabilities pose a significant risk, and the urgent patching indicates a high level of severity. Organizations using these SAP products are strongly advised to apply the updates immediately to protect their systems from potential exploitation. The specific details of the vulnerabilities and the affected components have not been disclosed beyond the product names. |
| 2026-05-14 | Palo Alto Products Multiple Vulnerabilities | Writeup of multiple vulnerabilities affecting Palo Alto products, including GlobalProtect App and PAN-OS. Attackers can exploit these flaws to achieve elevation of privilege, denial of service, remote code execution, cross-site scripting, and security restriction bypass. Specific CVEs identified include CVE-2026-0249, CVE-2026-0250, and CVE-2026-0251, among others. Affected versions span across PAN-OS 10.2, 11.1, 11.2, 12.1, and various GlobalProtect App releases. |
| 2026-05-14 | Microsoft's agentic security system MDASH uncovers four critical Windows RCE flaws | Tool: Microsoft's MDASH, an agentic security system orchestrating over 100 AI agents, has discovered 16 previously unknown Windows vulnerabilities, including four critical remote code execution flaws. These include CVE-2026-33827, a use-after-free in tcpip.sys, and CVE-2026-33824, a double-free in the IKEv2 service. MDASH utilizes frontier and distilled AI models, domain plugins, and a pipeline of prepare, scan, validate, dedup, and prove stages to identify complex bugs missed by traditional scanners. |
| 2026-05-13 | May's Patch Tuesday hauls out 132 CVEs | Analysis of Microsoft's May Patch Tuesday release details 132 CVEs across 20 product families, with 29 Critical severity vulnerabilities. Notable issues include elevation of privilege via an SSO plugin for Jira & Confluence (CVE-2026-41103), remote code execution in Windows Netlogon (CVE-2026-41089) and DNS Client (CVE-2026-41096), and six Microsoft Office/Word remote code execution vulnerabilities exploitable via Preview Pane. The release also addresses vulnerabilities in Adobe Commerce and includes an AMD CPU issue. |
| 2026-05-13 | Fortinet fixes two critical RCE flaws in FortiAuthenticator and FortiSandbox | Patches addressing two critical RCE vulnerabilities, CVE-2026-44277 in FortiAuthenticator (improper access control) and CVE-2026-26083 in FortiSandbox (missing authorization), have been released by Fortinet. These flaws allow unauthenticated attackers to execute arbitrary code via specifically crafted requests. Fortinet also provided updates for other flaws, including CVE-2025-53844, CVE-2025-53870, and CVE-2025-53680 in FortiOS and FortiAP products. |
| 2026-05-13 | New critical Exim mailer flaw allows remote code execution | Writeup of CVE-2026-45185, a critical use-after-free vulnerability in Exim mail transfer agent versions 4.97 through 4.99.2 compiled with GnuTLS. This flaw allows unauthenticated remote code execution by exploiting a TLS shutdown issue during BDAT chunked SMTP traffic. XBOW's AI-assisted research aided in developing a proof-of-concept exploit, highlighting the evolving landscape of vulnerability discovery and exploitation. |
| 2026-05-13 | Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening Enterprises | Vulnerability writeup of CVE-2026-40361, a critical zero-click use-after-free bug in Microsoft Outlook and Word, allowing remote code execution via email previews. Discovered by Haifei Li, developer of Expmon, this flaw, similar to the decade-old BadWinmail (CVE-2015-6172), bypasses enterprise firewalls and targets users by exploiting Outlook's email rendering engine, making plain-text rendering a potential mitigation. Microsoft rates exploitation as "more likely." |
| 2026-05-13 | Fortinet, Ivanti Patch Critical Vulnerabilities | Advisories detail critical vulnerabilities patched by Fortinet and Ivanti. Fortinet addressed CVE-2026-44277 and CVE-2026-26083, both CVSS 9.1 critical code execution flaws in FortiAuthenticator and FortiSandbox respectively, alongside CVE-2025-53844, a high-severity out-of-bounds write in FortiOS. Ivanti's patches include CVE-2026-8043, a critical CVSS 9.6 file write vulnerability in Xtraction, plus high-severity SQL injection and OS command injection flaws in Endpoint Manager and Virtual Traffic Manager. |
| 2026-05-13 | Microsoft's agentic AI system found four critical Windows RCE flaws | Library utilizing over 100 specialized AI agents, codenamed MDASH, discovered four critical Windows RCE flaws, including CVE-2026-40361 and CVE-2026-40364. This system, developed by Microsoft’s Autonomous Code Security team, demonstrated strong performance on internal and public benchmarks like CyberGym, identifying all 21 injected vulnerabilities in a private Windows driver without false positives, and achieving high recall rates against historical Microsoft Security Response Center vulnerabilities. |
| 2026-05-13 | Microsoft Patches 138 Vulnerabilities Including DNS and Netlogon RCE Flaws | Patches from Microsoft address 138 vulnerabilities, including critical RCE flaws in Windows DNS (CVE-2026-41096) and Netlogon (CVE-2026-41089), along with Azure DevOps information exposure (CVE-2026-42826) and Azure Managed Instance for Apache Cassandra code execution (CVE-2026-33109). Additional fixes target Microsoft Dynamics 365, Azure Logic Apps, Microsoft Teams, Azure Cloud Shell, Azure Entra ID, Windows Hyper-V, and a Microsoft SSO Plugin for Jira & Confluence (CVE-2026-41103), with several identified by Microsoft's AI-driven discovery system MDASH. An AMD vulnerability (CVE-2025-54518) related to CPU cache isolation is also patched. |
| 2026-05-13 | Critical Fortinet FortiSandbox Flaw Enables Remote Code Execution | Critical Fortinet FortiSandbox Flaw Enables Remote Code Execution https://ift.tt/5cRj19N |
| 2026-05-13 | Critical Exim GnuTLS Flaw Enables Remote Code Execution | A critical vulnerability in Exim's GnuTLS implementation allows for remote code execution. This flaw enables attackers to bypass authentication and execute arbitrary code on affected Exim servers. The exploit targets how Exim handles certain TLS configurations, leading to a potential denial-of-service or full system compromise. Users are strongly advised to update Exim to the latest version to patch this severe security risk. No bounty payout amount is mentioned in the provided content. |
| 2026-05-13 | Critical Fortinet FortiSandbox Vulnerability Enables Code Execution Attacks | A critical vulnerability in Fortinet's FortiSandbox allows for unauthenticated remote code execution. Successful exploitation of this flaw could enable attackers to compromise systems without needing any prior authentication. This is a severe security risk as it could lead to widespread damage. Further details on the vulnerability and potential mitigations are available at the provided link. No payout amount was specified. |
| 2026-05-13 | Microsoft May 2026 Patch Tuesday Fixes 120 Flaws | Updates for Microsoft May 2026 Patch Tuesday address 120 vulnerabilities, including critical remote code execution flaws in Microsoft Office, SharePoint (CVE-2026-40365), Windows DNS Client (CVE-2026-41096), and Dynamics 365 (CVE-2026-42898). Also fixed is a Windows GDI RCE vulnerability via Microsoft Paint (CVE-2026-35421). The release also enhances File Explorer with expanded archive support, adds an Xbox-inspired desktop experience, and introduces secure batch file processing. |
| 2026-05-13 | Defense at AI speed: Microsoft's new multi-model agentic security system tops leading industry benchmark | Library for agentic AI-driven vulnerability discovery, codename MDASH, utilizes over 100 specialized agents and an ensemble of models to find and prove exploitable bugs. This system orchestrated across frontier and distilled models achieved top scores on industry benchmarks, including identifying 16 new vulnerabilities in Windows networking and authentication, four of which were Critical remote code execution flaws in components like the TCP/IP stack and IKEv2 service. MDASH's end-to-end pipeline includes stages for preparation, scanning, validation, deduplication, and proof, demonstrating a move towards production-grade, enterprise-scale AI vulnerability defense. |
| 2026-05-13 | May Patch Tuesday roundup: Critical holes in Windows Netlogon, DNS and SAP S/4HANA | Report detailing Microsoft's May Patch Tuesday, highlighting critical vulnerabilities in Windows Netlogon (CVE-2026-41089) and Windows Server DNS Client (CVE-2026-41096), both with CVSS 9.8 scores. It also addresses a severe remote code execution flaw in Microsoft Dynamics 365 On Premises (CVE-2026-42898), a privilege escalation in the Microsoft SSO plugin for Jira/Confluence (CVE-2026-41103), and an SQL injection in SAP S/4HANA Enterprise Search (CVE-2026-34260). |
| 2026-05-13 | PHP SOAP Extension Flaw Could Let Attackers Execute Code Remotely | A critical vulnerability in PHP's SOAP extension allows remote code execution. Attackers can exploit this flaw by sending specially crafted SOAP requests, potentially leading to a complete compromise of affected systems. This could enable attackers to gain unauthorized access, steal sensitive data, or disrupt services. Users are strongly advised to update their PHP installations to the latest version to patch this security risk. |
| 2026-05-12 | Microsoft Patch Tuesday May 2026 - 120 Vulnerabilities Fixed Including 29 Critical RCE Flaws | Microsoft's May 2026 Patch Tuesday addressed 120 vulnerabilities, a significant update focusing on security. Among these, 29 critical flaws were patched, specifically impacting Remote Code Execution (RCE). This regular release is crucial for users to maintain system security and protect against potential exploits that could compromise their devices. The update aims to close security gaps and reinforce the overall integrity of Microsoft's software ecosystem. |
| 2026-05-12 | Microsoft Patch Tuesday for May 2026 Snort rules and prominent vulnerabilities | Library of Snort rules addresses Microsoft's May 2026 Patch Tuesday vulnerabilities, including 31 critical issues like RCE flaws in Azure, Windows services, Microsoft Office, and SharePoint. Specific CVEs highlighted include CVE-2026-32161 (Windows Native WiFi Miniport Driver), CVE-2026-33109 and CVE-2026-33844 (Azure Managed Instance for Apache Cassandra), CVE-2026-35421 (Windows GDI), CVE-2026-40358, CVE-2026-40361, CVE-2026-40363, CVE-2026-40364, CVE-2026-40366, and CVE-2026-4067 (Microsoft Office/Word), CVE-2026-40365 (Microsoft SharePoint), CVE-2026-40403 (Windows Win32K – GRFX), CVE-2026-41089 (Windows Netlogon), CVE-2026-41096 (Windows DNS Client), CVE-2026-42831 (Office for Android), and CVE-2026-42898 (Microsoft Dynamics 365). |
| 2026-05-12 | Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator | Writeup detailing critical RCE vulnerabilities in Fortinet products. CVE-2026-44277, an Improper Access Control flaw in FortiAuthenticator, and CVE-2026-26083, a missing authorization weakness in FortiSandbox, allow unauthenticated attackers to execute unauthorized code via crafted requests. These flaws, while not reported as exploited in the wild, follow a pattern of actively exploited Fortinet vulnerabilities, including previous issues in FortiClient EMS. |
| 2026-05-12 | New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution | Library addressing CVE-2026-45185, a critical use-after-free vulnerability in Exim's BDAT message body parsing when using GnuTLS. This flaw allows attackers to trigger heap corruption and potential code execution by sending specific TLS close_notify alerts followed by cleartext data during BDAT transfers. The issue impacts Exim versions 4.97 through 4.99.2, with a fix available in version 4.99.3. |
| 2026-05-12 | Critical PHP SOAP Extension Vulnerabilities Enables Remote Code Execution Attacks | The PHP SOAP extension contains critical vulnerabilities that allow for remote code execution (RCE). These flaws can be exploited by attackers to gain control of affected systems. The extent of the impact and specific attack vectors are detailed in the linked advisory. No bug bounty payout amount is mentioned. |
| 2026-05-12 | Open WebUI File Upload Vulnerability Enables 1-Click RCE Attack | A critical file upload vulnerability has been discovered in Open WebUI, allowing for a 1-click Remote Code Execution (RCE) attack. This severe flaw means attackers can potentially gain control of systems running Open WebUI by exploiting this single vulnerability. Further details and the exploit mechanism are available at the provided link. No bounty payout amount was specified in the content. |
| 2026-05-12 | Cline AI Agent Flaw Allows Attackers to Launch RCE Attacks | A critical vulnerability has been discovered in the Cline AI Agent, allowing attackers to execute arbitrary code remotely (RCE). This flaw potentially exposes users to significant security risks. Further details and mitigation strategies are expected as the situation develops. No specific payout amount for reporting this bug was mentioned. |
| 2026-05-12 | Open WebUI File Upload Vulnerability Enables One-Click RCE Attacks | A critical vulnerability in Open WebUI's file upload functionality allows for one-click Remote Code Execution (RCE) attacks. This severe security flaw enables attackers to compromise systems without user interaction. The exploit is easily repeatable, posing a significant risk to users of the Open WebUI application. The extent of potential damage and the specific conditions for exploitation are detailed in the linked advisory. |
| 2026-05-12 | Critical Cline AI Agent Vulnerability Enables Remote Code Execution Attacks | A critical vulnerability has been discovered in the Cline AI Agent that allows for remote code execution (RCE) attacks. This means attackers could potentially gain control of systems running the agent without needing physical access. The exploit could have significant security implications, allowing unauthorized access and manipulation of sensitive data or system functions. Further details on the specific nature of the vulnerability and potential mitigation strategies are available via the provided link. |
| 2026-05-11 | Critical PHP SOAP Extension Flaw Enables Remote Code Execution Attacks | A critical vulnerability has been discovered in the PHP SOAP extension that allows attackers to achieve remote code execution. This flaw poses a significant security risk, enabling malicious actors to potentially compromise systems running vulnerable PHP installations. Further details on the exploit and its impact are available at the provided link. No bounty payout amount is mentioned in the content. |
| 2026-05-11 | New cPanel and WHM Flaws Enable Remote Code Execution and DoS Attacks | New security vulnerabilities have been discovered in cPanel and WHM, two popular web hosting control panels. These flaws allow attackers to execute arbitrary code remotely, which could compromise server security. Additionally, the vulnerabilities can be exploited to launch Denial of Service (DoS) attacks, disrupting website availability. Users of cPanel and WHM are advised to update their systems immediately to patch these critical security risks. The specific bounty payout amount for reporting these issues is not mentioned in the provided content. |
| 2026-05-11 | Mozilla Products Multiple Vulnerabilities | Analysis of multiple vulnerabilities in Mozilla Products, including Firefox and Thunderbird, leading to potential denial of service and remote code execution. Affects versions prior to Firefox 150.0.2, Firefox ESR 115.35.2, Firefox ESR 140.10.2, Thunderbird 140.10.2, and Thunderbird 150.0.2. Patches are available from the vendor. |
| 2026-05-11 | Exploits and vulnerabilities in Q1 2026 | The provided content is a link to a resource detailing exploits and vulnerabilities expected in Q1 2026. No specific details about vulnerabilities, their impact, or any associated bug bounty payout amounts are present in the given information. Therefore, a summary of the content's key points and main ideas cannot be generated beyond stating its topic. |
| 2026-05-10 | Ivanti Warns of New EPMM Flaw Exploited in Zero-Day Attacks | Ivanti has issued a warning about a new critical vulnerability in its Endpoint Manager Mobile (EPMM) software that is already being exploited in zero-day attacks. The flaw, identified as CVE-2024-22053, allows unauthenticated attackers to gain administrative access to affected systems. Ivanti is urging customers to immediately apply a patch to mitigate the risk. No specific bounty payout amount was mentioned in the provided content. |
| 2026-05-10 | New cPanel vulnerabilities could allow file access and remote code execution | Writeup of cPanel vulnerabilities CVE-2026-29201, CVE-2026-29202, and CVE-2026-29203, which permit arbitrary file reads, Perl code execution via the create_user API, and potential denial-of-service or privilege escalation through chmod. These flaws affect multiple cPanel & WHM releases and have been patched. This disclosure follows the weaponization of a separate cPanel authentication bypass vulnerability, CVE-2026-41940, as a zero-day for botnet deployment. Tools are available from watchTowr and cPanel to detect vulnerable hosts. |
| 2026-05-10 | New cPanel and WHM Flaws Enable Code Execution DoS Attacks | New vulnerabilities in cPanel and WHM allow attackers to execute code and launch Denial of Service (DoS) attacks. These security flaws could compromise server integrity and availability. Users are strongly advised to update their cPanel and WHM installations to the latest versions to patch these vulnerabilities and protect their systems. |
| 2026-05-09 | CVE-2025-68670: discovering an RCE vulnerability in xrdp | This content details the discovery of CVE-2025-68670, a remote code execution (RCE) vulnerability in xrdp. The provided link likely contains further technical information about this security flaw. No bug bounty payout amount is mentioned. |
| 2026-05-09 | Palo Alto Networks Firewall Zero-Day RCE Vulnerability Exploited in the Wild Since April | A critical zero-day Remote Code Execution (RCE) vulnerability in Palo Alto Networks firewalls has been actively exploited in the wild since April. The vulnerability affects specific PAN-OS versions and allows attackers to gain unauthorized access and control. Palo Alto Networks has released patches and urges customers to update their systems immediately to mitigate the risk of compromise. Users are advised to check their firewall configurations and monitor for suspicious activity. |
API Security +17
| Date | Resource | Summary |
|---|---|---|
| 2026-05-16 | PraisonAI Vulnerability Exploited Within Hours of Public Disclosure | PraisonAI experienced a critical vulnerability that was exploited within hours of its public disclosure. The exact nature of the vulnerability and the extent of the damage are not detailed in the provided content, other than that it was a significant security concern. No specific bug bounty payout amount was mentioned in the text. |
| 2026-05-15 | Critical Next.js Flaw Exposes Cloud Credentials API Keys and Admin Panels | A critical vulnerability in Next.js has been disclosed, posing a significant security risk by potentially exposing sensitive cloud credentials, API keys, and administrative panels. The flaw could allow attackers to gain unauthorized access to these critical resources, impacting the security of applications built with Next.js. Details of the vulnerability and its potential exploitability are outlined in the provided content. No specific bounty payout amount is mentioned in the provided text. |
| 2026-05-15 | Anthropic faces scrutiny over Claude's architectural flaws after multiple security disclosures in May 2026 | Analysis of Anthropic's Claude reveals architectural flaws leading to security disclosures in May 2026. Independent research identified issues with trust boundaries across multiple surfaces, enabling remote code execution and credential theft. CVE-2026-21852, patched in Claude Code version 2.0.65, allowed API key leakage from malicious repositories. Further incidents included an accidental leak of 512,000 lines of Claude Code's internal source code via an npm package, and concerns surrounding the use of Mythos-class vulnerability scanning tools. |
| 2026-05-14 | Langflow CVE-2026-33017 Exploited to Steal AWS Keys and Deploy NATS Worker | A critical vulnerability, CVE-2026-33017, in Langflow has been exploited. Attackers leveraged this flaw to steal AWS keys and deploy a NATS worker, indicating a sophisticated and potentially wide-reaching compromise. The exploitation highlights significant security risks associated with the affected Langflow versions. Further details on the exploit and its impact can be found at the provided link. |
| 2026-05-14 | Critical WordPress Plugin Flaw Enables Authentication Bypass Attacks | Critical WordPress Plugin Flaw Enables Authentication Bypass Attacks https://ift.tt/DurmUNc |
| 2026-05-14 | "Innovation at the speed of AI" is the goal - but for most security teams it's a visibility nightmare. When AWS Bedrock agents are granted the power to execute API calls and modify data the \| The Cyber Security Hub | The article "Innovation at the speed of AI" highlights a significant challenge for security teams: lack of visibility. This issue intensifies when AWS Bedrock agents are empowered to execute API calls and modify data, creating potential security risks. The core problem lies in the difficulty for security teams to monitor and control the actions of these AI agents, hindering their ability to ensure robust security practices amidst rapid AI adoption. |
| 2026-05-14 | Langflow CVE-2026-33017 Exploited to Steal AWS Keys Deploy NATS Worker | Langflow CVE-2026-33017 Exploited to Steal AWS Keys, Deploy NATS Worker https://ift.tt/zdHZtrD |
| 2026-05-14 | PraisonAI vulnerability gets scanned within 4 hours of disclosure | Writeup of CVE-2026-44338, an authentication bypass in PraisonAI's legacy Flask API server, details how internet scanners began probing vulnerable instances within four hours of disclosure. The flaw, affecting versions 2.5.6 to 4.6.33, stems from default authentication being disabled in `api_server.py`, allowing unauthenticated access to agent workflows. Researchers identified the "CVE-Detector/1.0" user-agent as a sign of early reconnaissance targeting specific PraisonAI endpoints. |
| 2026-05-14 | New MCP Security Flaws: Kubectl-mcp-server Archon OS and MarkItDown Vulnerabilities | Library detailing vulnerabilities in widely used MCP tools, including CVE-2025-65719 and CVE-2025-69443 affecting Kubectl-mcp-server and Archon OS. These flaws expose over 140,000 GitHub stars to data exfiltration, credential theft, and lateral movement. The findings highlight systemic risks in AI supply chains due to unauthenticated and sandboxed MCP protocols, emphasizing the critical need for security at the integration layer rather than shifting responsibility to users. |
| 2026-05-13 | DDoS Protection for Insurance: Always-On Defense for Claims Quotes & APIs | This article highlights the critical need for Always-On DDoS protection for insurance companies, specifically for their claims, quotes, and API services. It emphasizes that continuous availability is paramount to maintain customer trust and operational integrity. The proposed solution focuses on robust defense mechanisms to prevent service disruptions, ensuring that policyholders can access essential services like submitting claims or getting quotes without interruption, even under attack. |
| 2026-05-12 | JetBrains TeamCity vulnerability allows privilege escalation API exposure (CVE-2026-44413) | Writeup of CVE-2026-44413, a critical vulnerability in JetBrains TeamCity, allowing privilege escalation and exposure of sensitive information like API tokens and build secrets. Attackers could leverage these credentials to compromise cloud infrastructure or source code repositories, impacting software delivery pipelines. Exploitation requires TeamCity account access, attainable through brute force or credential stuffing, or via enabled guest access. Affected versions include TeamCity On-Premises 2025.11.4 and earlier, with fixes available in 2026.1 or a security patch plugin. |
| 2026-05-12 | OpenAI Introduces Daybreak: A Cybersecurity Initiative That Puts Codex Security at the Center of Vulnerability Detection and Patch Validation | OpenAI has launched Daybreak, a new cybersecurity initiative focused on enhancing the security of its Codex code model. Daybreak aims to proactively identify and address vulnerabilities within Codex by leveraging AI-powered security tools. The program emphasizes both the detection of existing security flaws and the validation of patches to ensure their effectiveness. This initiative signifies OpenAI's commitment to robust AI security practices. |
| 2026-05-11 | Ollama Vulnerability Exposes Remote Process Memory | Writeup of CVE-2026-7482, "Bleeding Llama," a critical heap out-of-bounds read in Ollama's GGUF model loader. This vulnerability allows for the leakage of process memory, including API keys and user conversation data, through the `/api/create` and `/api/push` endpoints, especially when Ollama is configured to bind to `0.0.0.0`. Versions prior to 0.17.1 are affected, with remediation involving an immediate upgrade and auditing of network-exposed instances. |
| 2026-05-10 | Ollama contains critical GGUF out-of-bounds read | Writeup on CVE-2026-7482 details a critical heap out-of-bounds read in Ollama's GGUF model loader, affecting versions before 0.17.1. Exploitable via the unauthenticated /api/create endpoint with a crafted GGUF file, the vulnerability allows reading past allocated heap buffers, potentially leaking environment variables, API keys, and user data. This leaked data can be exfiltrated using the /api/push endpoint. Roughly 300,000 Ollama deployments are estimated to be publicly reachable, increasing the attack surface. |
| 2026-05-10 | Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak | Library detailing CVE-2026-7482, a critical out-of-bounds read vulnerability in Ollama's GGUF model loader that allows remote attackers to leak process memory, potentially exposing API keys and user data. It also covers two unpatched Windows vulnerabilities, CVE-2026-42248 (missing signature verification) and CVE-2026-42249 (path traversal), which can be chained for persistent code execution by influencing update responses. |
| 2026-05-09 | Critical Ollama Memory Leak Vulnerability Exposes 300000 Servers Globally | A critical memory leak vulnerability in Ollama, an open-source tool for running large language models, has been discovered, potentially impacting an estimated 300,000 servers worldwide. The vulnerability allows for denial-of-service (DoS) attacks by exhausting server memory. While the exact payout amount for reporting this bug isn't specified, the discovery highlights a significant security risk for users of Ollama, emphasizing the need for prompt patching and security awareness in the AI infrastructure landscape. |
| 2026-05-09 | New ZiChatBot Malware Uses Zulip REST APIs as Command and Control Server | Library for detecting the ZiChatBot malware, which exploits Zulip REST APIs for command and control. This cross-platform malware, identified by Securelist and linked to the OceanLotus APT group (APT32), was distributed via malicious Python packages on PyPI, including fake libraries like uuid32-utils, colorinal, and termncolor. ZiChatBot uses two channel-topic pairs within Zulip to exfiltrate system information and receive shellcode commands, with execution confirmed by a heart emoji response. The dropper employs AES encryption and self-deletion for stealth. |
SQLi +7
| Date | Resource | Summary |
|---|---|---|
| 2026-05-15 | Two vulnerabilities found in popular WordPress plugin Avada Builder | Writeup detailing two vulnerabilities in the Avada Builder WordPress plugin, affecting over a million installations. CVE-2026-4782, an arbitrary file read, requires subscriber-level access, while CVE-2026-4798, a high-severity SQL injection, is exploitable without authentication, potentially leading to password hash exfiltration. Patches were released in April/May 2026, with users urged to update to version 3.15.3+. |
| 2026-05-14 | Avada Builder Flaws Expose One Million WordPress Sites | Analysis of CVE-2026-4782 and CVE-2026-4798 in Avada Builder, two vulnerabilities affecting nearly one million WordPress sites. The arbitrary file read flaw, CVSS 6.5, allows authenticated subscribers to read sensitive files like wp-config.php via the fusion_section_separator shortcode. The time-based SQL injection, CVSS 7.5, impacts sites with deactivated WooCommerce, exploiting an unescaped product_order parameter. Patches were released in versions 3.15.2 and 3.15.3. |
| 2026-05-13 | Bug hunter tracks down three serious MCP database flaws one left unpatched | Writeup detailing three critical vulnerabilities discovered in MCP databases by a security researcher. One of these flaws, impacting Apache and Alibaba databases, remains unpatched by the vendor, highlighting ongoing supply chain security risks within open-source software. The article emphasizes how AI-driven tools are increasing vulnerability discovery rates, leading to a surge in patches and a growing "vulnpocalypse." |
| 2026-05-12 | SAP Patches Critical SQL injection Vulnerability in SAP S/4HANA | SAP has released a patch for a critical SQL injection vulnerability in its S/4HANA enterprise resource planning software. This vulnerability could allow attackers to gain unauthorized access to sensitive data and potentially disrupt business operations. The company urges all users of SAP S/4HANA to apply the security update immediately to protect their systems from potential exploitation. |
| 2026-05-12 | SAP Releases Patch for Critical SQL Injection Flaw in S/4HANA | SAP has released a patch to address a critical SQL injection vulnerability in its S/4HANA software. This flaw, identified as CVE-2023-33906, allows unauthorized attackers to execute arbitrary SQL statements, potentially leading to data breaches or system compromise. The vulnerability was discovered by a security researcher. SAP urges all S/4HANA users to apply the patch promptly to mitigate this risk. No specific bug bounty payout amount was mentioned. |
| 2026-05-12 | SAP Patches Critical SQL Injection Flaw in SAP S/4HANA | SAP Patches Critical SQL Injection Flaw in SAP S/4HANA https://ift.tt/Uye1D4F |
| 2026-05-11 | U.S. CISA adds a flaw in BerriAI LiteLLM to its Known Exploited Vulnerabilities catalog | CVE-2026-42208 is a critical SQL injection vulnerability in BerriAI LiteLLM versions 1.81.16 to 1.83.6, allowing unauthenticated attackers to access and potentially modify database data via a crafted Authorization header. This flaw was added to CISA's Known Exploited Vulnerabilities catalog due to rapid real-world exploitation observed shortly after disclosure, with attackers targeting sensitive information like virtual API keys and credentials. A fix is available in LiteLLM version 1.83.7. |
Python +6
| Date | Resource | Summary |
|---|---|---|
| 2026-05-13 | JDownloader Hack Spreads New Python RAT | A new Python Remote Access Trojan (RAT) is being distributed through a hack of the popular JDownloader application. Attackers are leveraging legitimate JDownloader update servers to push the malware, making it appear as a trusted software update. This sophisticated attack vector allows the RAT to gain a foothold on victim systems, potentially leading to data theft or further malicious activity. The distribution method highlights the evolving tactics of cybercriminals in bypassing security measures. |
| 2026-05-12 | What AI 'fingerprints' helped expose the 1st AI-made zero-day exploit? \| The exploit was a Python script | Researchers discovered the first zero-day exploit generated by AI. The exploit was written as a Python script. The article's title suggests that unique "AI fingerprints" were crucial in identifying this novel threat, distinguishing it from human-crafted exploits. This marks a significant development in cybersecurity, highlighting AI's potential for both creating and detecting sophisticated attacks. The specific details of these "fingerprints" and how they led to the exposure of the exploit are likely discussed within the linked content. |
| 2026-05-12 | Microsoft Warns Of Compromised mistralai PyPI Package | Microsoft has issued a warning about a compromised package named "mistralai" on the Python Package Index (PyPI). The malicious package appears to be an imposter, likely mimicking a legitimate AI model. Details regarding its exact functionality or potential harm are still emerging. Users are strongly advised to avoid installing or using the "mistralai" package from PyPI until further information is available or the issue is resolved. |
| 2026-05-12 | Operation HumanitarianBait Uses Fake Aid Documents to Deploy Python Spyware | Library for detecting Operation HumanitarianBait, a Python spyware campaign targeting Russian speakers with fake humanitarian aid documents. This campaign utilizes LNK files within RAR archives, fileless execution via PowerShell, and obfuscation with PyArmor v9.2 Pro. The malware steals credentials from Chromium and Firefox browsers, exfiltrates Telegram session data, searches for cryptocurrency private keys, logs keystrokes, captures screenshots, and establishes remote access via RustDesk or AnyDesk. Persistence is maintained through Windows Scheduled Tasks and VBScript launchers, with C2 infrastructure hosted by Namecheap. |
| 2026-05-11 | Python Infostealer Uses GitHub Releases To Bypass Security Tools | A Python infostealer malware is leveraging GitHub Releases to evade detection by security tools. Attackers are uploading malicious payloads disguised as legitimate software updates to GitHub's release pages. This tactic allows them to distribute malware through a trusted platform, making it harder for antivirus and other security solutions to identify and block the threats. The use of GitHub's infrastructure helps the infostealer bypass typical security checkpoints and reach targeted systems more effectively. |
| 2026-05-10 | JDownloader Website Supply Chain Attack: Installers Replaced with Python RAT Malware (May 2026) | Writeup of the JDownloader website supply chain attack (May 2026), detailing how an unpatched CMS vulnerability allowed attackers to replace Windows and Linux installers with a Python RAT and ELF binaries respectively. The attack, active for approximately 24 hours, utilized obfuscation and persistence techniques, including SUID-root binaries for Linux. This incident highlights the risks of unauthorized changes to web content and the importance of verifying digital signatures. |
XSS +5
| Date | Resource | Summary |
|---|---|---|
| 2026-05-15 | Critical GitLab Vulnerabilities Enables XSS and Unauthenticated DoS Attacks | Two critical vulnerabilities have been discovered in GitLab, allowing attackers to perform Cross-Site Scripting (XSS) attacks and unauthenticated Denial-of-Service (DoS) attacks. These flaws could lead to sensitive data exposure and service disruption. Users are strongly advised to update their GitLab instances to the latest versions to mitigate these risks. The specific versions affected and the patches available are detailed in the linked security advisory. |
| 2026-05-14 | GitLab Security Flaw Allows Cross-Site Scripting and Unauthenticated DoS | A critical GitLab security vulnerability has been disclosed, enabling both Cross-Site Scripting (XSS) and unauthenticated Denial-of-Service (DoS) attacks. The flaw potentially allows attackers to execute malicious scripts within a user's browser and disrupt GitLab services without needing to log in. Further details regarding the specific exploit and its impact are available in the provided link. No bug bounty payout amount was stated in the content. |
| 2026-05-12 | Instructure confirms hackers used Canvas flaw to deface portals | Writeup on ShinyHunters exploiting cross-site scripting (XSS) vulnerabilities in Instructure's Canvas LMS. Attackers used these flaws to gain authenticated admin sessions, deface login portals with extortion messages, and exfiltrate over 3.6 terabytes of data. The attacks targeted the Free-for-Teacher environment, leading to temporary downtime and account closures. |
| 2026-05-11 | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities | Writeup on Cisco Identity Services Engine (ISE) stored cross-site scripting vulnerabilities, CVE-2025-20204 and CVE-2025-20205. These flaws stem from insufficient input validation in the web-based management interface, allowing authenticated attackers to inject malicious script code. Exploitation enables arbitrary script execution within the interface context or access to sensitive browser data, requiring administrative credentials. Cisco has released updates to address these issues. |
| 2026-05-09 | Every Old Vulnerability Is Now an AI Vulnerability | This article argues that as Artificial Intelligence (AI) systems become more integrated, traditional cybersecurity vulnerabilities are now also AI vulnerabilities. Existing exploits and weaknesses in software, hardware, and network infrastructure can be leveraged to target or compromise AI models. This means that the vast landscape of known security flaws presents a significant risk to AI systems, requiring a re-evaluation of security strategies to account for this expanded threat surface. |
SSRF +4
| Date | Resource | Summary |
|---|---|---|
| 2026-05-15 | Rasputin.DZ: got my first "exceptional technical depth" on a duplicate report half compliment half punishment. building my way up one dupe at a time. The grind continues. #bugbounty #infosec #SSRF #OWASP #WebAppSec #APIsecurity #CloudSecurity #GCP | Rasputin.DZ received their first "exceptional technical depth" rating on a duplicate bug bounty report, viewing it as both a compliment and a setback. They are focusing on building their experience through these reports, emphasizing the ongoing "grind" in the bug bounty and infosec space. The report involved an SSRF vulnerability and touched upon web application security, API security, and cloud security on GCP. |
| 2026-05-15 | Critical Next.js Vulnerability Exposes Cloud Credentials API keys and Admin Panels | A critical vulnerability in Next.js has been disclosed, potentially exposing sensitive cloud credentials, API keys, and admin panels. This flaw could allow attackers to gain unauthorized access to vital system resources. Further details on the exploit and mitigation strategies are available through the provided link, which was shared via IFTTT. |
| 2026-05-13 | BRute Logic: Localhost with Ideographic Full Stop (IFS) http://127%E3%80%820%E3%80%820%E3%80%821 http://127%EF%BD%A10%EF%BD%A10%EF%BD%A11 Combining these with the other bypass techniques described below can make all the difference. #SSRF #BugBounty | BRute Logic: Localhost with Ideographic Full Stop (IFS) http://127%E3%80%820%E3%80%820%E3%80%821 http://127%EF%BD%A10%EF%BD%A10%EF%BD%A11 Combining these with the other bypass techniques described bel... |
| 2026-05-10 | Multiple Critical Flaws Fixed in Next.js and React Server Components | Next.js and React Server Components have addressed several critical security vulnerabilities. While the specific flaws are not detailed in the provided text, the fix indicates potential risks to applications utilizing these technologies have been mitigated. The content emphasizes the importance of applying these updates to maintain application security. No bug bounty payout amounts are mentioned. |
Fuzzing +3
| Date | Resource | Summary |
|---|---|---|
| 2026-05-15 | Claude Mythos found decade-old Firefox bugs that years of fuzzing missed | Claude Mythos has discovered long-standing bugs in Firefox, some present for a decade, which eluded extensive fuzzing efforts. This highlights limitations in automated testing and the value of manual, in-depth security research. The specific number of bugs or their severity was not detailed in the provided content, nor was any bug bounty payout amount mentioned. |
| 2026-05-15 | Stopping bugs before they ship: The shift to preventative security | The article discusses a crucial shift in cybersecurity: moving from reactive bug fixing to proactive, preventative security measures. This approach aims to identify and resolve vulnerabilities earlier in the development lifecycle, before software is released to the public. The goal is to minimize the risk of security breaches and their associated costs, ultimately leading to more secure products and services. The emphasis is on integrating security practices throughout the entire development process, rather than treating it as an afterthought. |
| 2026-05-10 | Mozilla Uses AI to Help Discover a Security Vulnerability in Firefox 271 | Mozilla successfully employed AI to identify a security vulnerability in Firefox 271. This marks a significant step in leveraging artificial intelligence for cybersecurity, enabling more proactive discovery of potential threats. The AI's ability to analyze complex code and identify weaknesses could revolutionize vulnerability assessment and software security. This development highlights the growing importance of AI in protecting digital infrastructure and user data. |
AI +2
| Date | Resource | Summary |
|---|---|---|
| 2026-05-13 | How indirect prompt injection attacks on AI work - and 6 ways to shut them down | Library providing defenses against indirect prompt injection attacks, a top LLM security risk. These attacks weaponize AI by embedding malicious instructions within external data sources, leading to actions like API key theft, system overrides, attribute hijacking, and terminal command injection. Mitigation strategies include input/output validation, human oversight, least privilege, and OWASP's cheat sheet for handling these threats, which OWASP ranks as the top risk to LLM security. |
| 2026-05-12 | 7 AI Security Tools to Prepare You for Every Attack Phase | Library for hardening machine learning models against adversarial threats, the Adversarial Robustness Toolbox (ART) offers Python modules for assessing, defending, and verifying security. It supports 39 attack and 29 defense modules across major ML frameworks like TensorFlow and PyTorch, handling various data modalities. ART provides robustness metrics for objective resilience reporting, best suited for ML researchers and security engineers focused on adversarial attack simulation and model hardening during development. |
Bug Bounty +2
| Date | Resource | Summary |
|---|---|---|
| 2026-05-13 | OpenAI Launches GPT-5.5 Bio Bug Bounty Program | Bounty program from OpenAI targets universal jailbreaks of GPT-5.5 to prevent harmful biological outputs, offering $25,000 for the first successful prompt. Applications for the restricted program, running April 23 to June 22, 2026, are invite- or application-only with vetting and NDA requirements, focusing testing on Codex Desktop between April 28 and July 27, 2026. |
| 2026-05-13 | New PoC Exploit Published for Microsoft Defender 0-Day Flaw | A new Proof of Concept (PoC) exploit has been released for a zero-day flaw in Microsoft Defender. This vulnerability was recently disclosed and allows for remote code execution. The publication of this PoC increases the risk of the vulnerability being exploited in the wild, as it provides a practical demonstration of how to leverage the flaw. Microsoft is likely working on a patch to address this security issue. |
GraphQL +1
| Date | Resource | Summary |
|---|---|---|
| 2026-05-15 | DarkMoon AI-Powered Autonomous Penetration Testing Platform With 50 Tools | DarkMoon is an AI-powered autonomous penetration testing platform featuring over 50 tools. It automates the process of identifying vulnerabilities in systems. |
CSRF +1
| Date | Resource | Summary |
|---|---|---|
| 2026-05-12 | Vulnerabilities in PAC4J software | Writeup on CVE-2026-40458 and CVE-2026-40459 in PAC4J software, detailing Cross-Site Request Forgery (CSRF) vulnerabilities exploitable through deterministic `String.hashCode()` collisions and LDAP Injection flaws in ID-based search parameters. These vulnerabilities allowed unauthorized profile updates, password changes, and arbitrary directory operations. The issues were resolved in PAC4J versions 5.7.10 and 6.4.1. |
IDOR +1
| Date | Resource | Summary |
|---|---|---|
| 2026-05-12 | Max's Bug Bounty: Two Hundred Thirteen Flaws and Twenty-Two Million in Rewards | Analysis of Max's Bug Bounty program reveals over 213 vulnerabilities identified, with Insecure Direct Object Reference (IDOR) being the most prevalent. The program, which has paid out over 21.9 million rubles, highlights the effectiveness of bug bounty initiatives in improving application security. |
AuthZ +1
| Date | Resource | Summary |
|---|---|---|
| 2026-05-11 | Devastating 'Dirty Frag' exploit leaks out, gives immediate root access on most Linux machines since 2017, no patches available, no warning given; Copy Fail-like vulnerability had its embargo broken | Tool that provides immediate root access on most Linux machines since 2017 due to the Dirty Frag vulnerability. This local privilege escalation exploit leverages a zero-copy operation in IPSec-related modules, specifically affecting "xfrm-ESP Page Cache Write" and "RxRPC Page-Cache Write." Distributions like Ubuntu, Arch, RHEL, and Fedora are impacted. Mitigation involves disabling esp4, esp6, and rxrpc kernel modules. The exploit code is available via a GitHub repository for testing. |