Recently Added
The most recent resources added to appsec.fyi, across all topics. Subscribe to the RSS feed to stay updated.
| Date | Topic | Link | Excerpt |
|---|---|---|---|
| 2026-06-02 | API Security | Claude Code's Vulnerability in GitHub Actions Allows an Attacker to Compromise any Repository | A critical vulnerability has been discovered in Claude Code's integration with GitHub Actions. This flaw enables an attacker to compromise any repository utilizing the service. |
| 2026-06-02 | Supply Chain | ReversingLabs Spectra Assure Wins 2026 Fortress Cybersecurity Award in Software Supply Chain Security | ReversingLabs Spectra Assure has won the 2026 Fortress Cybersecurity Award for its excellence in Software Supply Chain Security. The award recognizes Spectra Assure's innovative capabilities in protecting software supply chains from emerging threats. This achievement highlights ReversingLabs' commitment to enhancing software security and safeguarding organizations against supply chain attacks. |
| 2026-06-02 | Supply Chain | New npm Supply Chain Attack: @redhat-cloud-services Compromised | A new npm supply chain attack has compromised the `@redhat-cloud-services` package. This incident involved the malicious injection of code into the package, posing a risk to users. The specific details of the compromise and its impact are still being investigated. |
| 2026-06-02 | AI | Snowflake Bolsters AI Security | Snowflake is enhancing its security features to better protect AI models and data. The company is introducing new capabilities within its platform designed to address the unique security challenges posed by AI. These enhancements aim to provide customers with greater confidence in the safety and privacy of their AI-driven applications and sensitive data processed through Snowflake. |
| 2026-06-02 | Supply Chain | Compromised Red Hat npm packages downloaded over 80000 times in one week supply chain attack still ongoing | Red Hat's npm packages were compromised in a supply chain attack, leading to over 80,000 downloads in a single week. The attack is ongoing. This highlights a significant security risk where malicious code can be introduced into widely used software components, potentially impacting numerous users and systems. Developers are advised to remain vigilant and monitor for any suspicious activity related to Red Hat's npm packages. |
| 2026-06-02 | Supply Chain | Red Hat removes tainted packages after software pipeline compromise | Red Hat has removed tainted software packages after a compromise of its software pipeline. The exact nature and scope of the compromise are still under investigation. This incident highlights the critical importance of securing software supply chains to prevent malicious code from being injected into widely distributed software. Red Hat is taking steps to address the vulnerability and ensure the integrity of its products. |
| 2026-06-02 | SQLi | Anonymous PostgreSQL Injection in Drupal Core (CVE-2026-9082) | Drupal Core is vulnerable to an anonymous PostgreSQL injection (CVE-2026-9082). This flaw allows unauthenticated users to inject arbitrary PostgreSQL code into a database. The vulnerability arises from insufficient sanitization of user-supplied data. Successful exploitation could lead to data manipulation, disclosure, or even remote code execution. Users are advised to update Drupal Core to the latest patched version as soon as possible to mitigate this critical security risk. |
| 2026-06-02 | SSRF | How an Unauthenticated MCP Server Led to SSRF LFI and AWS Credential Theft | A security researcher discovered a critical vulnerability in an unauthenticated MCP (Master Control Program) server. This flaw allowed for Server-Side Request Forgery (SSRF) and Local File Inclusion (LFI), which ultimately led to the theft of AWS credentials. The exploit chain enabled unauthorized access to cloud resources. |
| 2026-06-02 | GraphQL | GitLab Patches Multiple Duo AI DoS and Authorization Flaws in Community and Enterprise Edition | GitLab has released security updates to address critical vulnerabilities affecting its Duo AI, Denial-of-Service (DoS), and authorization features. These flaws, present in both Community and Enterprise Editions, could allow attackers to disrupt service or gain unauthorized access. Users are strongly advised to update to the latest versions to mitigate these risks. |
| 2026-06-02 | SSRF | xHackInSeconds: URL field accepted internal addresses. 169.254.169.254. IAM role credentials in the response. Full S3 and RDS access. #infosec #cloud #ssrf | HackInSeconds discovered a vulnerability where a URL field accepted internal IP addresses, including the metadata service address 169.254.169.254. This allowed attackers to retrieve IAM role credentials from the response. With these credentials, they gained full access to S3 buckets and RDS instances. This highlights a critical Server-Side Request Forgery (SSRF) flaw in cloud environments. |
| 2026-06-02 | SSRF | Hi: that NASA XXE chain is filthy. multiline DOCTYPE bypass SSRF chaining to get AWS metadata is exactly the kind of creative attack chain that gets $50k bounties. insane find honestly #WebSecurity #SSRF | A researcher discovered a "filthy" XXE (XML External Entity) chain attack against NASA. This sophisticated attack involves a multiline DOCTYPE bypass to achieve SSRF (Server-Side Request Forgery), ultimately enabling the retrieval of AWS metadata. This type of creative attack chain is highly valued in bug bounty programs, with potential payouts exceeding $50,000. The find is described as "insane" and highlights advancements in web security exploitation. |
| 2026-06-02 | Supply Chain | Critical Supply Chain Attack Compromises 32 Red Hat @redhat-cloud-services NPM Packages with Credential-Stealing Malware | A critical supply chain attack has compromised 32 Red Hat @redhat-cloud-services NPM packages. The malicious code embedded within these packages aims to steal credentials. This incident highlights a significant vulnerability in software development pipelines, where third-party dependencies can be exploited to introduce malware. Organizations relying on these compromised packages are at risk of data breaches and unauthorized access. Further investigation into the extent of the compromise and remediation efforts is ongoing. |
| 2026-06-02 | API Security | Web Application & API Attacks Are Rising: Are You Blind to Modern Web Attacks? Join WAAP Security... | Web application and API attacks are on the rise, leaving organizations vulnerable to modern threats. The provided content, titled "Web Application & API Attacks Are Rising: Are You Blind to Modern Web Attacks? Join WAAP Security...", suggests that businesses may be unaware of these escalating dangers. It promotes WAAP Security as a solution to address these blind spots and improve defenses against contemporary web attacks. |
| 2026-06-02 | Supply Chain | 34 Malicious Packages Steal Cloud Keys Wallets and SSH Credentials | Thirty-four malicious npm packages have been discovered that steal sensitive information from developers. These packages, disguised as legitimate tools, are designed to exfiltrate cloud API keys, cryptocurrency wallet credentials, and SSH keys. The compromised packages were published on the npm registry, a popular repository for JavaScript. This incident highlights the ongoing threat of supply chain attacks and the importance of vigilant security practices when using third-party code. |
| 2026-06-02 | API Security | Financial Data Crisis! ChatGPT Spreadsheet Plugin Exposes Serious Security Vulnerability | A critical security vulnerability has been discovered in a ChatGPT spreadsheet plugin, potentially exposing sensitive financial data. The plugin's flaw could allow unauthorized access to user information. This presents a significant "Financial Data Crisis" and highlights the risks associated with integrating third-party tools into AI platforms. Users are advised to exercise caution and consider disabling the plugin until a fix is implemented. |
| 2026-06-02 | Supply Chain | Supply Chain Attack Hits 32 Red Hat NPM Packages | A supply chain attack has compromised 32 Red Hat NPM packages. The attack involved the malicious modification of legitimate code within these packages, potentially exposing users to risks. Further details on the specific vulnerabilities and the extent of the compromise are being investigated. |
| 2026-06-02 | Supply Chain | Attack targeting OpenAI Codex users exposes AI software supply chain risks | A recent attack targeted users of OpenAI's Codex, highlighting significant risks within the AI software supply chain. The exploit leveraged malicious GitHub repositories, demonstrating how compromised code can be injected into AI development workflows. This incident underscores the vulnerability of AI systems to supply chain attacks, where attackers can compromise dependencies or tools used in the AI lifecycle. The attack's nature suggests a sophisticated attempt to gain unauthorized access or disrupt AI model development and deployment processes. Further details on the specific vulnerabilities exploited and the extent of the compromise are still emerging. |
| 2026-06-02 | AI | What Is LLM (Large Language Model) Security? | LLM security focuses on protecting large language models from vulnerabilities and misuse. This includes safeguarding against attacks like prompt injection, data poisoning, and the extraction of sensitive information. It also addresses ethical concerns and ensures LLMs are used responsibly and do not generate harmful or biased content. The goal is to build trust and ensure the safe deployment of these powerful AI systems. |
| 2026-06-02 | Supply Chain | Miasma Revives Shai-Hulud Supply Chain Attack Tactics | The cybersecurity firm Mandiant has identified a resurgence of the Shai-Hulud supply chain attack tactics, now being employed by a threat group they've named "Miasma." This group is exploiting vulnerabilities within the software supply chain to infiltrate target organizations. Mandiant's research indicates Miasma is leveraging sophisticated techniques, similar to those used in earlier Shai-Hulud campaigns, to compromise legitimate software and distribute malware. The implications for businesses relying on third-party software are significant, as these attacks can lead to widespread compromise and data breaches. |
| 2026-06-02 | RCE | Threat Actors Reportedly Target CVE-2026-41089 Flaw | Threat actors are reportedly exploiting a vulnerability identified as CVE-2026-41089. |
| 2026-06-02 | RCE | TP-Link Router Security Bug Enables Remote Command Execution Attacks | A critical security vulnerability in TP-Link routers allows for remote command execution. This flaw enables attackers to compromise the devices without requiring user interaction or authentication, potentially leading to widespread network breaches. Further details on the exploit and affected models are available via the provided link. |
| 2026-06-02 | SSRF | Gray Hats: A critical Apache Fesod SSRF vulnerability has been found. Learn about the CVE-2026-49328 patch released to protect internal network resources. #ApacheFesod #SSRF #CVE202649328 #JavaSecurity #Cybersecurity | A critical Server-Side Request Forgery (SSRF) vulnerability, identified as CVE-2026-49328, has been discovered in Apache Fesod. A patch has been released to address this security flaw, which could have allowed attackers to access internal network resources. The vulnerability highlights ongoing concerns within Java security and the broader cybersecurity landscape. |
| 2026-06-02 | Supply Chain | Unpatched software is now the top way into banks | Survey of the 2026 Verizon Data Breach Investigations Report, highlighting unpatched software as the leading entry vector into banks, surpassing stolen credentials for the first time. The report also identifies increasing third-party vendor involvement in breaches and the growing threat of AI-assisted attacks exploiting known software flaws. |
| 2026-06-02 | Supply Chain | Multiple redhat-cloud-services npm Packages compromised | Library analyzing multiple @redhat-cloud-services npm packages compromised with malware, executing on install before application code. The payload uses ROT-21, AES-128-GCM, obfuscator.io, and a B5 cipher to evade detection and harvest secrets from GitHub Actions, AWS, GCP, Azure, Kubernetes, Vault, npm, and CircleCI. It also acts as a self-propagating worm, using stolen npm tokens and `bypass_2fa` to republish backdoored packages. Analysis involved static and dynamic techniques, including StepSecurity Harden-Runner. |
| 2026-06-02 | Supply Chain | Containers on fire: from container escapes to supply chain attacks | This article, "Containers on fire: from container escapes to supply chain attacks," explores the security risks associated with containerized environments. It discusses vulnerabilities such as container escapes, which allow attackers to break out of isolated containers, and supply chain attacks, which compromise the integrity of software components used within containers. The content likely delves into the methods attackers exploit and the potential impact of these security breaches on organizations utilizing container technology. |
| 2026-06-02 | RCE | Critical Windows Netlogon Vulnerability in Attackers Crosshairs | Writeup of CVE-2026-41089, a critical Windows Netlogon vulnerability, details its exploitation for remote code execution by threat actors. This stack-based buffer overflow flaw allows unauthenticated attackers to target domain controllers, potentially gaining system privileges. The Centre for Cybersecurity Belgium warns of active in-the-wild exploitation, urging immediate patching despite Microsoft's initial assessment. This vulnerability poses a significant risk due to Netlogon's role in domain authentication. |
| 2026-06-02 | RCE | RedHat Linux Kernel Multiple Vulnerabilities | Bulletin detailing multiple vulnerabilities affecting RedHat Linux Kernel, including CVE-2024-56547 and others. Exploits can lead to denial of service, remote code execution, data manipulation, and security restriction bypass across various Red Hat Enterprise Linux and OpenShift Container Platform versions, impacting architectures like aarch64, s390x, ppc64le, and x86_64. |
| 2026-06-02 | AI | You can't patch your way out of prompt injection: AI agents need a different defense | Library for defending against prompt injection in AI agents, emphasizing structural defenses over filters. It addresses vulnerabilities like EchoLeak (CVE-2025-32711) and ShareLeak (CVE-2026-21520) by mitigating the "lethal trifecta" of private data access, untrusted content exposure, and outbound communication. The library promotes treating source text as data, scoping agent capabilities, and implementing strict data-flow and control-flow rules, inspired by research like Google DeepMind's CaMeL. |
| 2026-06-01 | API Security | Eliminate Critical API Attack Paths with Wiz API SPM | Library for continuous, agentless API discovery across AWS, Azure, and GCP environments. It assesses API exploitability by simulating attacker techniques, identifying "toxic combinations" where exposed APIs lead to sensitive data compromise. The library prioritizes remediation efforts and offers actionable guidance, even supporting automated workflows like triggering Terraform patches. It integrates API and cloud security context within a Security Graph, revealing attack paths and risks like SQL injection vulnerabilities or Broken Object Level Authorization. |
| 2026-06-01 | Supply Chain | OpenAI Codex tool with over 29000 downloads linked to malicious npm supply chain attack stealing authentication tokens | Library exposing a supply-chain attack targeting OpenAI Codex users. A malicious npm package, "codexui-android," with over 29,000 downloads, exfiltrated non-expiring refresh tokens. Researchers also identified two Android apps, OpenClaw Codex Claude AI Agent and Codex, with tens of thousands of downloads, which similarly targeted Codex users by sending credentials to attacker-controlled servers. |
| 2026-06-01 | Supply Chain | Dozens of Red Hat packages backdoored through its official NPM channel | Writeup detailing a supply-chain attack targeting Red Hat's official NPM channel. Threat actors compromised the `@redhat-cloud-services` namespace, publishing over 30 backdoored packages. These packages execute obfuscated payloads during `npm install`, stealing credentials like GitHub Actions secrets, npm tokens, Kubernetes, and Vault material. The malware then spreads by republishing compromised packages to other accounts, with infected systems encrypting and exfiltrating data via web requests or to compromised GitHub repositories. |
| 2026-06-01 | RCE | Critical Magento Cache Plugin Vulnerability Enables Remote Code Execution Attacks | A critical vulnerability has been discovered in a Magento cache plugin, allowing remote code execution (RCE) attacks. This flaw could enable attackers to compromise Magento websites. Further details and potential mitigation strategies are available via the provided link. |
| 2026-06-01 | Python | Millions of AI agents imperiled by critical vulnerability in open source package | Library implementing ASGI for Python applications, Starlette, is vulnerable to CVE-2026-48710 (BadHost), allowing attackers to bypass authorization via a modified HTTP Host header. This critical vulnerability, trivially exploitable without proper firewalling, impacts FastAPI, vLLM, LiteLLM, and millions of AI agents relying on Starlette, potentially exposing sensitive data and third-party credentials. |
| 2026-06-01 | Supply Chain | Miasma: Supply Chain Attack Targeting RedHat npm Packages | Analysis of Miasma details a supply chain attack targeting @redhat-cloud-services npm packages, compromising at least 32 releases. The attack involved unauthorized code modifications, obfuscated JavaScript payloads using eval() and ROT-based decoding, and new data collectors for GCP and Azure identities. This variant, similar to TeamPCP's (Mini) Shai-Hulud malware, employs unique encrypted payloads per infection. The root cause appears to be a compromised Red Hat employee GitHub account that injected malware via orphan commits and manipulated GitHub Actions to publish packages with valid SLSA provenance attestations. |
| 2026-06-01 | SQLi | Exploitation of Critical SQL Injection Vulnerability in Drupal (CVE-2026-9082) | Writeup detailing the exploitation of CVE-2026-9082, a critical SQL injection vulnerability in Drupal affecting PostgreSQL databases. This unauthenticated flaw, rated 9.8 (CVSS), allows arbitrary SQL execution via crafted requests. CISA has added it to their KEV catalogue, with over 15,000 exploitation attempts detected across various sectors, primarily in the United States. Drupal recommends upgrading to the latest supported release or applying backported fixes. |
| 2026-06-01 | Supply Chain | Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm | Analysis of the Miasma supply chain attack details how compromised @redhat-cloud-services npm packages, including `@redhat-cloud-services/vulnerabilities-client` and others, were injected with an obfuscated preinstall hook. This hook targeted developer machines and CI/CD environments to steal credentials like GitHub Actions secrets, npm tokens, and cloud identities, employing tactics similar to the Mini Shai-Hulud worm. The malware exfiltrated data encrypted to `api.anthropic[.]com:443/v1/api` and leveraged GitHub commits for further propagation, with evidence suggesting a Red Hat employee's compromised GitHub account as the initial entry point. |
| 2026-06-01 | RCE | IBM WebSphere Server Vulnerable to Remote Code Execution Attack Via Crafted Request | IBM WebSphere Application Server has a critical remote code execution (RCE) vulnerability. Attackers can exploit this flaw by sending a specially crafted request, allowing them to execute arbitrary code on the server. This poses a significant security risk, potentially leading to unauthorized access and control of affected systems. Organizations using IBM WebSphere should prioritize patching and mitigating this vulnerability to protect their environments. |
| 2026-06-01 | RCE | Critical Magento Cache Plugin Vulnerability Enables Remote Code Execution Attacks | A critical vulnerability has been discovered in a Magento cache plugin, allowing attackers to execute arbitrary code remotely. This flaw poses a significant security risk for e-commerce stores using the affected plugin, as it could lead to complete system compromise. Merchants are strongly advised to immediately update or remove the plugin to mitigate potential attacks. |
| 2026-06-01 | RCE | Critical Flowise Flaw Gives Attackers Full Server Control | Library for securing open-source AI platforms, specifically addressing CVE-2026-40933 in Flowise. This vulnerability allows attackers to achieve remote code execution (RCE) by importing a malicious workflow file, enabling them to run arbitrary server commands via the Custom MCP tool's stdio transport. The provided patch can be bypassed, and the most effective mitigation involves disabling stdio transport or switching to Server-Sent Events (SSE). |
| 2026-06-01 | RCE | Weekly Recap: New Linux Flaw PAN-OS Exploit AI-Powered Attacks OAuth Phishing and More | Reference of actively exploited vulnerabilities including CVE-2026-0257 in PAN-OS, a critical zero-day RCE in Gogs, and multiple CVEs affecting WordPress, GitLab, and Microsoft products, with recent attacks leveraging AI for faster exploitation and information gathering, alongside the takedown of the GlassWorm C2 operation via trojanized VS Code extensions. |
| 2026-06-01 | RCE | Palo Alto VPN bug graduates from advisory to active exploitation | Analysis of active exploitation of a Palo Alto VPN bug, highlighting the growing trend of AI-assisted attacks targeting API-driven applications and the emergence of AI malware like Shai-Hulud worming Red Hat npm packages. This shifts focus from traditional vulnerabilities to sophisticated AI-driven threats, with implications for election security and the rise of AI integration in development tools such as GitHub Copilot and RAD Studio extensions. |
| 2026-06-01 | RCE | Windows Netlogon RCE exploited domain controllers at risk (CVE-2026-41089) | Writeup on CVE-2026-41089, a critical Windows Netlogon RCE vulnerability, details its exploitation in the wild against domain controllers. This stack-based buffer overflow flaw allows remote code execution via crafted network requests. Microsoft has released patches, and Acros Security offers micropatches for legacy systems. Security teams are advised to patch immediately, restrict Netlogon traffic, and monitor for exploitation indicators like unexpected service crashes or anomalous traffic. |
| 2026-06-01 | Supply Chain | CrowdStrike and Google take down botnet used by hackers to target software developers in supply chain attacks | CrowdStrike and Google have successfully dismantled a botnet that was being used by hackers to conduct supply chain attacks specifically targeting software developers. These malicious actors exploited vulnerabilities to compromise the development environment, potentially impacting a wide range of software products. The coordinated takedown aims to disrupt this threat and protect the software development ecosystem from further exploitation. |
| 2026-06-01 | SSRF | TechEarl: SSRF makes a server fetch what the attacker chooses; in the cloud that means 169.254.169.254 leaking credentials. Why allowlists beat blocklists plus IMDSv2. #SSRF #WebSecurity techearl.com/server-side-req | Server-Side Request Forgery (SSRF) allows attackers to force servers to fetch arbitrary data. In cloud environments, this vulnerability can expose sensitive credentials by targeting the Instance Metadata Service (IMDS) at `169.254.169.254`. The article highlights the superiority of allowlists over blocklists for security and mentions the importance of Instance Metadata Service Version 2 (IMDSv2) in mitigating such risks. |
| 2026-06-01 | RCE | Critical Windows Netlogon RCE flaw now exploited in attacks | Writeup on CVE-2026-41089, a critical Windows Netlogon RCE flaw, details its exploitation by threat actors. This stack-based buffer overflow in the Netlogon RPC interface allows unprivileged attackers to achieve remote code execution on domain controllers. Patched by Microsoft during May 2026 Patch Tuesday, it affects all supported Windows Server versions. The Centre for Cybersecurity Belgium has warned of active exploitation in the wild. |
| 2026-06-01 | RCE | Flowise's MCP implementation can run ghost commands | Vulnerability in Flowise’s MCP stdio implementation, CVE-2026-40933, allows for one-click remote code execution in self-hosted deployments. Attackers can exploit a sandboxing failure in attacker-controlled MCP configurations, leading to server-side code execution with the privileges of the Flowise process, potentially granting root-level access in containerized environments. While Flowise has implemented several hardening measures, they have been found to be bypassable. The recommended complete mitigation is disabling MCP stdio by setting `CUSTOM_MCP_PROTOCOL=sse`. |
| 2026-06-01 | Supply Chain | OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack | Library for securing OpenAI Codex authentication tokens, affected by a supply chain attack via the `codexui-android` npm package and Android apps like OpenClaw Codex Claude AI Agent and Codex (BrutalStrike). The malicious code exfiltrates tokens from `~/.codex/auth.json` to `sentry.anyclaw.store`, granting attackers persistent access due to non-expiring refresh tokens. This highlights a growing trend of targeting AI developer tooling for credential theft. |
| 2026-06-01 | Supply Chain | Microsoft discovers new npm attack in 14 packages | Library containing malware that targeted developers via 14 malicious npm packages designed to steal credentials for AWS, HashiCorp Vault, and GitHub Actions. The attack utilized typosquatting and copied metadata from legitimate projects, employing npm installation hooks and the Bun runtime for execution to compromise cloud and CI/CD platforms, enabling lateral movement and further data exfiltration. |
| 2026-06-01 | Supply Chain | Mercor Hit: 4TB Stolen via LiteLLM (95M Downloads) [2026] | Library providing a unified interface to over 100 LLM providers, LiteLLM was compromised, leading to a 4TB data exfiltration from Mercor. The attack chain involved compromising Trivy, injecting malicious code into LiteLLM, and exfiltrating credentials from downstream environments. This incident highlights the risks of fast-moving open-source projects in AI infrastructure and the critical importance of pinned dependencies to prevent supply-chain attacks. |
| 2026-06-01 | AI | ChatGPhish Reveals ChatGPT Browser Prompt Injection Risk | Library that demonstrates browser-based prompt injection against ChatGPT, named ChatGPhish, allows attackers to manipulate page summaries and deliver phishing or social engineering attacks. This technique bypasses traditional security controls by injecting malicious instructions into ordinary web pages, influencing the LLM's output within the trusted ChatGPT interface. The research highlights risks associated with rendering untrusted Markdown content, including a QR code delivery method that circumvents desktop browser protections. |
| 2026-06-01 | RCE | Gogs Zero-Day Exposes Servers to Remote Code Execution | Writeup of a Gogs zero-day vulnerability (CVSS 9.4) enabling remote code execution. Exploitable by authenticated attackers via pull requests with malicious branch names, this argument injection flaw allows for command execution as the Gogs server process user. Rapid7 developed a Metasploit module to automate the exploit and provided IoCs for detection. The vulnerability impacts default-configured Gogs servers on Windows, Linux, and macOS, particularly those with multiple user accounts. |
| 2026-06-01 | RCE | Windows Netlogon 0-Click RCE Vulnerability Now Actively Exploited In The Wild | A critical 0-click Remote Code Execution (RCE) vulnerability in Windows Netlogon is now being actively exploited. This means attackers can compromise systems without any user interaction. The vulnerability, detailed in a linked article, poses a significant security threat to Windows environments. Details regarding specific exploit methods and potential mitigation strategies are likely available within the linked content, emphasizing the urgency for organizations to address this threat. |
| 2026-06-01 | Supply Chain | Emerging Threats to AI-Assisted Software Supply Chains Highlight Security Demand | AI-assisted software development introduces new security vulnerabilities to the software supply chain. These threats can be exploited to compromise AI models, inject malicious code, or manipulate training data, leading to insecure software. The rise of these risks underscores the critical need for robust security measures throughout the AI development lifecycle to ensure the integrity and safety of AI-assisted software. |
| 2026-05-31 | Supply Chain | SlowMist Says TrapDoor is One of 2026's Largest Supply Chain Attacks | Analysis of the TrapDoor supply chain attack, identified by Socket and detailed by SlowMist, reveals a sophisticated campaign targeting crypto and AI developers via malicious packages on npm, PyPI, and Crates.io. The attack utilized hidden code within installation and build processes, leveraging trusted developer services like GitHub Pages to exfiltrate sensitive data including SSH keys, cloud credentials, and crypto wallets. The npm variant, particularly advanced, manipulated Git hooks and AI coding assistant files like `.cursorrules` and `CLAUDE.md`, employing prompt injection to spread malicious instructions. |
| 2026-05-31 | API Security | Anthropic AI Vulnerability Scanner in Enterprise Beta: IBM Joins Glasswing After 10000 Flaws Found | Tool for AI-powered application security scanning, Claude Security, now in public beta for enterprise customers, identifies vulnerabilities by reasoning over code behavior and data flows, moving beyond traditional signature matching. This approach has surfaced over 10,000 critical software flaws through Anthropic's Project Glasswing consortium, which includes IBM, and has also revealed specific vulnerabilities like CVE-2026-5194 in wolfSSL. The tool aims to compress the find-fix cycle, though patching remains a bottleneck for maintainers. |
| 2026-05-31 | Supply Chain | 14 malicious npm packages impersonated OpenSearch Elasticsearch libraries | Writeup on 14 malicious npm packages impersonating OpenSearch and Elasticsearch libraries, demonstrating a supply chain attack vector targeting developers. These packages, designed to mimic legitimate OpenSearch and Elasticsearch modules, pose a significant risk to software integrity and development pipelines. |
| 2026-05-31 | Supply Chain | CISA warns that Nx Console and GitHub repositories abused in multiple supply chain compromises tools across enterprise cloud and DevOps environments exploited | CISA's analysis of supply chain attacks details exploitation of the Nx Console VSCode extension and GitHub repositories via the Megalodon campaign. Threat actors pilfered CI/CD secrets and cloud credentials by poisoning workflows. Recommended mitigations include auditing contributor activity, forensic reviews, rotating secrets, pinning trusted package versions, and delaying package pulls to allow time for community detection. |
| 2026-05-31 | Supply Chain | Solana Sui and Aptos wallet data targeted in TrapDoor package attack | Malicious packages on npm, PyPI, and Crates.io designed for the TrapDoor supply-chain attack are disguised as developer utilities and target Solana, Sui, and Aptos wallet data, along with SSH keys, GitHub tokens, and cloud credentials. Attackers also abused AI configuration files like `.cursorrules` and `CLAUDE.md` to exfiltrate secrets during AI coding sessions. |
| 2026-05-31 | Supply Chain | Hackers caught hiding OpenAI token-stealing malware in Codex npm package | Hackers have embedded malware designed to steal OpenAI API tokens within the popular Codex npm package. This malicious code was discovered by security researchers, who identified it as a sophisticated attempt to gain unauthorized access to users' AI models and data. The discovery highlights a growing trend of supply chain attacks targeting software development tools. Further investigation is ongoing to determine the full scope of the breach and the potential impact on users. |
| 2026-05-31 | Supply Chain | Perplexity launches Bumblebee: How its new read-only dev scanner differs from Chainguard | Bumblebee is a read-only scanner by Perplexity designed to check developer machines for risky packages, extensions, and AI tool configurations during supply-chain incidents. It targets four surfaces including language package managers like npm, pnpm, Yarn, Bun, PyPI, Go modules, RubyGems, and Composer. Unlike other tools, Bumblebee avoids executing scripts and directly inspects metadata files, preventing potential attacks triggered by scanner execution. It differentiates itself from Chainguard by focusing on the developer workstation environment rather than containers and build pipelines. |
| 2026-05-30 | API Security | Vibe Coding Security: Why 62% Of AI-Generated Code Ships With Vulnerabilities | Library analyzing security flaws in AI-generated code, including Cross-Site Scripting (XSS) and Server-Side Request Forgery (SSRF). Research indicates AI code exhibits significantly higher vulnerability rates than human-written code, with studies highlighting failures in XSS defenses, exposed secrets, PII, and lack of CSRF protection and security headers across platforms like Cursor and Claude Code. |
| 2026-05-30 | Supply Chain | The hidden AI security flaw behind four major supply chain attacks | Resource on hardening software supply chains against AI-related supply chain attacks, detailing vulnerabilities in build systems and release workflows that bypass traditional AI model security testing. It highlights incidents impacting OpenAI, Anthropic, Meta, and TanStack, specifically mentioning the TanStack Mini Shai-Hulud worm's exploitation of GitHub Actions and cache poisoning, and the LiteLLM attack's reliance on credential reuse in PyPI. It emphasizes the need for pipeline-focused red teams, behavioral validation of build processes, dependency credential hygiene, mandatory human review before releases, and strict input sanitization in build tools to mitigate risks like command injection. |
| 2026-05-30 | RCE | New 7-Zip security flaw could put hundreds of millions of systems at risk | A newly discovered security vulnerability in 7-Zip, a popular file archiving utility used by millions, poses a significant risk to systems worldwide. The flaw, dubbed "7-Zip Double Vulnerability," allows attackers to execute arbitrary code. While no specific payout amount is mentioned, the potential impact is substantial, affecting numerous users and systems that rely on 7-Zip for file compression and decompression. Prompt patching and updates are recommended for users to mitigate this threat. |
| 2026-05-30 | RCE | Notepad patches critical bugs: shortest path to malware execution | Notepad++ has released patches for critical vulnerabilities that could allow for the "shortest path" to malware execution. These security flaws, if exploited, posed a significant risk to users by enabling malicious code to run. The software vendor has addressed these issues, urging users to update their Notepad++ installations to the latest version to protect themselves from potential threats. No specific payout amount for the discovered bugs was mentioned in the provided content. |
| 2026-05-30 | RCE | Notepad vulnerabilities could enable arbitrary code execution on Windows systems | Library of information detailing two arbitrary code execution vulnerabilities, CVE-2026-48778 and CVE-2026-48800, affecting Notepad++ versions up to 8.9.6. These flaws, rated High (CVSS 7.8), allow local attackers to execute commands by manipulating `shortcuts.xml` and `config.xml` files. A third crash bug, CVE-2026-48770, was also patched. Exploitation requires the attacker to have write access to user profile directories or trick the user into opening a poisoned settings folder. |
| 2026-05-30 | RCE | CVE-2026-35616: FortiClient EMS Flaw Actively Exploited in Malware Attacks | Writeup of CVE-2026-35616, an actively exploited critical FortiClient EMS vulnerability with a CVSS score of 9.1, allowing unauthenticated remote code execution. Threat actors are abusing an improper access control flaw, bypassing API authentication to escalate privileges. Exploits have involved disguised Fortinet patches delivering the EKZ Infostealer malware, which exfiltrates credentials. CISA added this zero-day to its Known Exploited Vulnerabilities catalog. Fortinet has released hotfixes for versions 7.4.5 and 7.4.6, with a permanent fix in 7.4.7. |
| 2026-05-30 | RCE | Exploit Code Published for Critical Flowise RCE Vulnerability | Writeup on CVE-2026-40933, a critical remote code execution vulnerability in Flowise impacting self-hosted instances. This systemic command injection flaw, originating from Anthropic's MCP protocol and facilitated by Flowise's unsafe serialization of stdio commands, allows attackers to execute arbitrary OS commands by convincing a user to import a crafted chatflow. Exploitation can lead to full server compromise, with credentials and connected services at risk. Obsidian Security has published proof-of-concept code demonstrating this exploit. |
| 2026-05-30 | Supply Chain | Download pumping: New npm deception technique for supply chain attacks | A new npm deception technique called "download pumping" has been discovered, posing a threat to supply chain security. This method involves malicious packages registering fake download metrics to appear more popular and trustworthy than they are. Researchers observed campaigns where attackers used this technique to obscure malicious code within seemingly legitimate packages, making them harder to detect and leading to potential system compromises. This discovery highlights the evolving tactics used in supply chain attacks and the need for enhanced vigilance in package vetting. |
| 2026-05-30 | Bug Bounty | Adobe expands bug bounty program to incentivize AI security research - Adobe Security Blog | Program announcement detailing Adobe's expanded bug bounty initiative to incentivize AI security research. It introduces an 'AI Bonus Tier' with rewards up to $15,000 for critical AI-related vulnerabilities. The scope now includes specific AI features across web applications like Acrobat AI Assistant, Firefly Image Models, and Photoshop AI Assistant, along with explicit guidance on AI vulnerability classes such as prompt injection and model abuse. Future expansion will cover mobile and desktop products. |
| 2026-05-30 | SQLi | 700 education and tech websites hijacked in huge ClickFix malware campaign | Analysis of CVE-2026-26980, a critical SQL injection vulnerability affecting Ghost CMS versions 3.24.0 through 6.19.0, details how attackers exploited this flaw to hijack over 700 websites. The vulnerability allowed for the theft of administrative API keys, enabling attackers to inject JavaScript that presented fake Cloudflare or CAPTCHA verification dialogs, tricking visitors into running Windows commands to install malware through ClickFix attacks. |
| 2026-05-30 | Supply Chain | Malicious npm packages abuse dependency confusion to profile developer environments | Library for detecting malicious npm packages that exploit dependency confusion to profile developer environments. These packages impersonate internal corporate namespaces and use obfuscated reconnaissance payloads downloaded from attacker-controlled C2 servers. They leverage npm lifecycle hooks for automatic execution during `npm install`, employing anti-analysis techniques and targeting various operating systems. The attack chain involves namespace squatting, spoofed enterprise metadata, and inflated version numbers, with a reconnaissance-only mode that collects system information and credentials for potential follow-on exploitation. |
| 2026-05-30 | RCE | Imperva Customers Protected Against CVE-2026-45247 in Mirasvit Full Page Cache Warmer for Magento | Imperva's services are protecting its customers from vulnerabilities in Mirasvit's Full Page Cache Warmer for Magento, specifically addressing CVE-2026-45247. This protection shields Magento e-commerce sites from potential attacks targeting this specific security flaw within the cache warmer extension. No bug bounty payout amount is mentioned. |
| 2026-05-29 | Supply Chain | Typosquatted npm packages used to steal cloud and CI/CD secrets | Library detailing an npm supply chain attack where typosquatted packages like "opensearch-setup" and "elastic-opensearch-helper" were used to steal AWS credentials, HashiCorp Vault tokens, and CI/CD secrets. The malicious packages leverage npm lifecycle hooks to execute a credential harvester that targets AWS IMDSv2, ECS task metadata, Secrets Manager across multiple regions, and npm publish tokens, enabling cloud lateral movement and downstream supply-chain pivoting. |
| 2026-05-29 | SQLi | Critical Roundcube Flaw Allows Attackers to Inject SQL Queries | Writeup detailing critical vulnerabilities in Roundcube Webmail, including a pre-authentication SQL injection flaw in the `virtuser_query` plugin via `preg_replace` backslash escape bypass, allowing arbitrary database queries. The update also addresses code injection via the LDAP `autovalues` option and other issues like stored XSS, CSS injection, SSRF bypass, and session poisoning. These vulnerabilities are patched in versions 1.6.16 and 1.7.1. |
| 2026-05-29 | Supply Chain | Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets | Malicious NuGet and npm packages target sensitive data. Malicious versions of "Sicoob.Sdk" exfiltrate client IDs and PFX certificates, while npm packages like "@vpmdhaj/devops-tools" harvest AWS credentials, Vault tokens, and CI/CD secrets. These attacks employ techniques such as typosquatting, dependency confusion, and brandjacking to achieve manufactured legitimacy and compromise developer workflows, echoing broader supply chain attack campaigns. |
| 2026-05-29 | RCE | No fix yet for critical Gogs RCE bug - exploit module is out | Writeup on a critical Remote Code Execution (RCE) vulnerability in the open-source Git service Gogs. As of May 2024, no fix has been released, and an exploit module is publicly available. The researcher reported the vulnerability in March, but maintainers have not responded. |
| 2026-05-29 | Supply Chain | CISA adds Daemon Tools TanStack and Nx Console compromised versions to KEV catalog | Catalog listing of CVE-2026-8398, CVE-2026-45321, and CVE-2026-48027, impacting Daemon Tools Lite, TanStack npm packages, and Nx Console. These vulnerabilities, identified by CISA for inclusion in the Known Exploited Vulnerabilities catalog, resulted from supply chain attacks. Compromised Daemon Tools installers utilized valid code-signing certificates, while TanStack packages were maliciously published via GitHub Actions. The Nx Console vulnerability involved a malicious version appearing on the Visual Studio Marketplace and OpenVSX. |
| 2026-05-29 | Supply Chain | CISA urges security teams to check for software development compromises | CISA is issuing an urgent alert to security teams, advising them to proactively scan their systems for compromises within their software development environments. This directive highlights the critical need to safeguard the integrity of the software supply chain. The agency's recommendation stems from concerns about potential vulnerabilities and breaches that could affect the development process, leading to widespread risks for downstream users. Security teams are encouraged to implement robust checks and balances to ensure the safety and trustworthiness of their software development practices. |
| 2026-05-29 | Supply Chain | AI Software Supply Chain Threats Escalate in 2026 | Analysis of JFrog's Software Supply Chain Security State of the Union 2026 report reveals escalating AI-driven threats, including nearly 500 malicious AI models capable of credential theft and system compromise, a 451% surge in malicious npm packages, and attackers targeting developer tools and CI/CD pipelines. The report highlights governance gaps around AI coding assistants and IDE extensions, alongside an increase in insecure AI-generated code, leading to vulnerabilities like XSS and SQL injection. This growing "vulnerability noise" complicates risk prioritization, with over 48,000 new CVEs disclosed in 2025. |
| 2026-05-29 | RCE | Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit | Writeup on CVE-2026-39987 exploitation impacting Marimo, detailing how attackers leverage an LLM agent for post-exploitation. The agent autonomously exfiltrated cloud credentials and an SSH private key from AWS Secrets Manager, subsequently used to access an SSH bastion server and extract an internal PostgreSQL database schema and contents rapidly. Indicators of LLM involvement include improvisational database dumping, machine-consumable command streams with delimiters, and the agent feeding its own previous output into subsequent actions. |
| 2026-05-29 | AI | Fed up with vibe coders dev sneaks data-nuking prompt injection into their code | Library update details a prompt injection vulnerability within the jqwik Java testing application for JUnit 5. The malicious instruction, disguised with ANSI escapes, directs AI coding agents to delete tests and code, posing a destructive risk to developers using vulnerable agents without warning or opt-out. Anthropic's Claude AI reportedly flagged this prompt injection. |
| 2026-05-29 | Supply Chain | Typosquatted npm Packages Steal Cloud and CI/CD Secrets | Library that details a coordinated npm supply chain attack leveraging typosquatted packages like "opensearch-setup" and "elastic-opensearch-helper" to steal cloud and CI/CD secrets. The malware uses npm lifecycle hooks for silent execution, with payloads designed to harvest AWS credentials, HashiCorp Vault tokens, GitHub Actions secrets, and npm publish tokens. Attackers exploit techniques like metadata spoofing, version number inflation, and embedded Bun runtimes to evade detection, with a unique "X-Supply: 1" header as a potential indicator of compromise. |
| 2026-05-29 | GraphQL | GitLab Patches Multiple Duo AI DoS and Authorisation Vulnerabilities | Patches for GitLab CE/EE address seven vulnerabilities, including Duo AI authorization flaws and Wiki denial-of-service. CVE-2026-4868, a critical flaw, allows authenticated users to impersonate others via Duo AI workflows. Medium-severity issues impact GraphQL, Operations, Pipelines, and authentication, potentially exposing private data or bypassing access controls. Self-managed installations require immediate upgrades to versions 19.0.1, 18.11.4, or 18.10.7. |
| 2026-05-29 | RCE | New Gogs 0-Day Flaw Enables Remote Code Execution on Servers | A critical 0-day vulnerability affecting the "Rebase before merging" feature allows authenticated users to run arbitrary commands on a Gogs server. The flaw, discovered by Rapid7 Labs and impacting versions 0.14.2 and 0.15.0+dev, stems from unsanitized branch names being passed to Git commands, enabling the injection of an "--exec" flag for remote code execution. This allows attackers to access sensitive data, steal credentials, and pivot to other systems, with a Metasploit module available for exploitation. |
| 2026-05-29 | API Security | Security Researcher: WordPress 7.0 Could Trigger Rush To Steal AI API Keys | Library discussing the security implications of AI API keys in WordPress 7.0, highlighting a specific bug where Anthropic API keys are exposed via browser autofill. This vulnerability, along with broader concerns about WordPress's architecture and secrets management, makes WordPress sites attractive targets for attackers aiming to steal valuable AI credentials for activities like bot networks, scaled phishing, and unauthorized AI usage, potentially leading to significant financial loss. |
| 2026-05-29 | Supply Chain | How the Glassworm Takedown Secures Digital Supply Chains | Summary of the Glassworm botnet takedown, a coordinated effort by CrowdStrike, Google, and Shadowserver to dismantle a threat targeting developers. Glassworm employs trojanized VSCode extensions, compromised npm and Python packages, and poisoned GitHub repositories to inject malicious code. Its resilience is attributed to a decentralized command and control architecture utilizing the Solana blockchain, BitTorrent DHT, Google Calendar events, and commercial virtual servers, making it resistant to conventional takedown methods. |
| 2026-05-29 | RCE | Critical Notepad Vulnerabilities Allow Attackers to Execute Arbitrary Code | Writeup on Notepad++ v8.9.6.1 patching CVE-2026-48778 and CVE-2026-48800, which enable arbitrary code execution by manipulating `config.xml` or `shortcuts.xml` respectively. Attackers can exploit these vulnerabilities through direct file writes, malicious shortcuts, cloud sync poisoning, or social engineering by crafting specific XML tags that are then passed unsafely to `ShellExecute()`, allowing for the execution of arbitrary executables. |
| 2026-05-29 | RCE | Google Chrome Multiple Vulnerabilities | Reference listing multiple Google Chrome vulnerabilities, including CVE-2026-9110 through CVE-2026-9124 and CVE-2026-9126. Exploitation can lead to remote code execution, denial of service, security restriction bypass, and sensitive information disclosure. Updates to version 148.0.7778.178/179 address these issues on Linux, Mac, and Windows. |
| 2026-05-29 | RCE | Notepad Fixes CVE-2026-48770 RCE Vulnerability | Writeup of CVE-2026-48778, a critical Notepad++ RCE vulnerability, detailing how improper handling of the `config.xml` file's `<GUIConfig name="commandLineInterpreter">` parameter allows attackers to execute arbitrary commands by manipulating application settings. The entry also mentions CVE-2026-48770 and CVE-2026-48800, highlighting the risk of configuration-based attack surfaces and advising immediate updates to Notepad++ version 8.9.6.1. |
| 2026-05-29 | Bug Bounty | Microsoft 0-day feud escalates as researcher threatens another Windows exploit dump | Analysis of the escalating Microsoft 0-day feud, where a researcher threatened to dump Windows exploits. The article touches on AI-assisted attacks targeting API-driven applications, malicious npm packages mimicking popular libraries, and the ongoing challenges of securing open-source software like Gogs. It also briefly mentions Okta's efforts to manage rogue AI agents and the complexities of data sovereignty in cloud environments. |
| 2026-05-29 | RCE | Critical Samba Vulnerability Enables Remote Code Execution Attacks | Patches address CVE-2026-4480, a critical Samba vulnerability enabling unauthenticated remote code execution via command injection through the `%J` substitution parameter in print commands. Exploitation occurs when Samba fails to sanitize shell metacharacters, allowing attackers to inject malicious commands. Affected systems include those not using `printing = cups` or `printing = iprint`. Mitigations involve quoting `%J` or removing it from `smb.conf`. SafeBreach, ZeroPath, and Securin Labs reported the flaw, with fixed Samba versions 4.22.10, 4.23.8, and 4.24.3 released. |
| 2026-05-29 | RCE | VS Code Remote-SSH RCE Lets Attackers Pivot From Developer Machines to Cloud Servers | Writeup on a Visual Studio Code Remote-SSH RCE vulnerability allowing attackers to pivot from compromised developer machines to cloud environments like AWS EC2 and Azure VMs. The flaw stems from a Time-of-Check to Time-of-Use race condition in how the extension handles bootstrap scripts, enabling attackers to inject malicious payloads executed on the target server after a successful, even MFA-protected, login. This bypasses authentication by exploiting trust in developer workflows, affecting millions of installations including Remote Explorer and cloud-specific toolkits. |
| 2026-05-29 | API Security | Anthropic Launches Free Claude Code Terminal Plugin to Detect Security Vulnerabilities | Plugin for Claude Code that continuously scans AI-generated code for vulnerabilities like injection flaws and insecure deserialization. It employs a three-layer review process: fast pattern matching on edits, an end-of-turn Claude security review for higher-level issues such as IDORs and SSRF, and an agentic review on commits. The plugin can be extended with custom rules and patterns. |
| 2026-05-29 | Supply Chain | Supply chain attacks hide malicious code inside the software you trust | Supply chain attacks insert malicious code into legitimate software, making it appear trustworthy. This sophisticated technique targets the development and distribution process, compromising the integrity of software before it reaches end-users. Attackers exploit vulnerabilities in third-party components, build systems, or distribution channels to inject malware. Once deployed, this hidden code can steal data, disrupt operations, or establish persistent access to systems. Protecting against these attacks requires rigorous security measures throughout the software lifecycle, including code verification, dependency scanning, and secure development practices. |
| 2026-05-29 | RCE | Microsoft Edge Multiple Vulnerabilities | Bulletin detailing multiple vulnerabilities in Microsoft Edge, including CVE-2026-9872 through CVE-2026-10022. Exploitation could lead to remote code execution, denial of service, security restriction bypass, information disclosure, and data manipulation. Users should update to Microsoft Edge version 148.0.3967.96 or later to mitigate these risks. |
| 2026-05-29 | RCE | Google Chrome Multiple Vulnerabilities | Analysis of multiple vulnerabilities in Google Chrome versions prior to 148.0.7778.215 (Linux), 148.0.7778.215/216 (Mac), and 148.0.7778.216/217 (Windows). These vulnerabilities, identified under CVE-2026-9872 through CVE-2026-10022, can lead to remote code execution, denial of service, security restriction bypass, information disclosure, and data manipulation on affected systems. Applying the vendor-issued updates is the recommended solution. |
| 2026-05-28 | SQLi | Roundcube Webmail Vulnerability Allows Hackers to Execute Malicious SQL Queries | Library update addressing critical Roundcube Webmail vulnerabilities, including a pre-authentication SQL injection in the virtuser_query plugin via `preg_replace` backslash escape bypass, code injection via unsafe LDAP autovalues evaluation, stored XSS in draft restore, CSS injection bypass with SVG animate, SSRF and remote resource fetch bypasses, remote image blocking bypass, and pre-authentication arbitrary file deletion through Redis/Memcache session poisoning. Versions 1.6.16 and 1.7.1 contain the fixes. |
| 2026-05-28 | Supply Chain | GlassWorm Malware Takedown: Disruption of Developer Supply Chain Attacks Targeting VSCode npm Python and GitHub | Library detailing the disruption of the GlassWorm malware campaign, which targeted the developer supply chain. The malware utilized trojanized VSCode extensions, compromised npm and Python packages, and poisoned over 300 GitHub repositories using stolen credentials. GlassWorm RAT, its payload, harvested credentials from various developer tools and crypto-wallets, deploying SOCKS proxies and VNC clients. Its resilient C2 infrastructure leveraged the Solana blockchain, BitTorrent DHT, Google Calendar, and traditional VPS providers, requiring a coordinated takedown on May 26, 2026. |
| 2026-05-28 | RCE | Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code | A critical Remote Code Execution (RCE) vulnerability has been discovered in Gogs, a popular self-hosted Git service. This flaw allows any authenticated user to execute arbitrary code on the server. The vulnerability reportedly lies within the template rendering mechanism. Further details and potential fixes are expected to be released following responsible disclosure. No bounty payout amount is mentioned. |
| 2026-05-28 | RCE | Critical Notepad Flaw Could Enable Remote Code Execution Attacks | Writeup on Notepad++ vulnerabilities CVE-2026-48770, CVE-2026-48778, and CVE-2026-48800, detailing how improper handling of config.xml, specifically the `commandLineInterpreter` parameter, can lead to arbitrary code execution via the "Open Containing Folder in cmd" feature. Attack vectors include direct file modification, malicious shortcuts using `-settingsDir`, cloud-synced configurations, and social engineering. Remediation requires upgrading to Notepad++ 8.9.6.1. |
| 2026-05-28 | RCE | New Gogs zero-day flaw lets hackers get remote code execution | Library for analyzing Gogs zero-day RCE vulnerabilities, including an unpatched argument injection flaw enabling remote code execution via specially crafted pull requests and malicious branch names. This critical vulnerability, affecting Gogs 0.14.2 and 0.15.0+dev, allows authenticated attackers to compromise servers, access private repositories, and extract credentials. The flaw resembles previously patched argument injection issues like CVE-2024-39933 and CVE-2024-39932, but targets a different code path. |
| 2026-05-28 | Supply Chain | CrowdStrike Google Shut Down Glassworm Malware Operation - Open Source For You | Analysis of the Glassworm botnet operation, disrupted by CrowdStrike and Google, details the targeting of the open-source software supply chain. Attackers poisoned over 300 GitHub repositories, abused compromised NPM and Python packages, and used trojanized VS Code extensions on the Open VSX marketplace to spread malware and steal credentials. The operation highlights the growing threat to developer infrastructure and open-source ecosystems. |
| 2026-05-28 | RCE | Microsoft Fixes SharePoint RCE Flaw Affecting On-Prem Servers | Security updates fix CVE-2026-45659, a critical RCE vulnerability in Microsoft SharePoint Server affecting on-premises versions. Discovered by MEOW, this flaw allows authenticated attackers with minimal privileges to execute malicious code remotely through improper data deserialization. The vulnerability carries a CVSS score of 8.8 and impacts SharePoint Server Subscription Edition, 2019, and 2016. Microsoft urges immediate application of security updates and recommends strengthening access controls and monitoring. |
| 2026-05-28 | Supply Chain | New Edamame Platform Aims to Catch AI Coding Agents Going Off the Rails | Platform for detecting AI coding agent drift and malicious behavior, Edamame monitors workstation posture, hardens environments, and integrates with agents like Cursor and Claude. Its divergence and attack-pattern detection engines analyze telemetry for credential exfiltration, token theft, and sandbox exploitation, providing runtime verification for coding agent workloads and identifying supply-chain attacks. |
| 2026-05-28 | SQLi | Critical Roundcube Webmail Vulnerability Let Attackers Inject SQL Queries | Writeup of critical Roundcube Webmail SQL injection vulnerability impacting versions 1.6.x and 1.7.x. The flaw, present in the virtuser_query plugin due to improper input sanitization in `preg_replace`, allows pre-authentication SQL injection, potentially exposing sensitive data. Additional fixes address stored XSS, HTML/CSS injection via SVG, SSRF bypasses, remote image blocking issues, arbitrary file deletion via session poisoning, and code-evaluation vulnerabilities in LDAP autovalues. Patched versions 1.6.16 and 1.7.1 are available. |
| 2026-05-28 | XSS | CVE-2026-41241: Critical Stored XSS in Pretalx Conference Platform Allows Attackers 100% Talk Acceptance (Patched in 2026.1.0) | Writeup of CVE-2026-41241, a critical stored XSS vulnerability in Pretalx versions prior to 2026.1.0, allowing any registered user to compromise organizer accounts and force talk acceptance. Exploitation involves submitting a talk proposal with a crafted XSS payload in fields like title, speaker display name, or email, which executes when an organizer uses the backend search. The vulnerability stems from improper sanitization and unsafe `innerHTML` usage. Immediate upgrade to version 2026.1.0 is recommended. |
| 2026-05-28 | AI | This article outlines some of the potential security risks through the lens of real-world AI and LLM applications assessed by Kroll's Offensive Security team. | Analysis of real-world AI applications, including a healthcare app using Model Context Protocol (MCP), an online pharmacy with Retrieval Augmented Generation (RAG), a retail business's automated refund processing, and a customer support line's voice authentication, reveals significant security risks. Kroll's Offensive Security team discovered vulnerabilities such as prompt injection, data exfiltration potential through indirect prompts, manipulation of RAG filters leading to inaccurate information, and bypassing invoice validation agents for fraudulent refunds, highlighting the need for rigorous AI security testing. |
| 2026-05-28 | RCE | Wide-ranging 7-zip vulnerability with 8.8 CVE rating allows for code execution hundreds of millions of machines potentially at risk | Writeup of CVE-2023-23752, a critical vulnerability in 7-Zip affecting hundreds of millions of machines. This flaw allows for arbitrary code execution simply by opening a crafted archive, with no user interaction required beyond opening the file. Exploitable across Windows, Linux, and macOS, and integrated into numerous third-party applications and CI/CD pipelines, the vulnerability impacts widely used .7z, .zip, and .rar formats. Users are strongly advised to update to version 26.01 immediately. |
| 2026-05-28 | Supply Chain | Multiple German hospitals impacted in billing provider data breach | Breach report detailing how hackers compromised Unimed, a German medical billing provider, impacting multiple university hospitals and leading to the theft of vast amounts of patient data, including billing disputes and personal information, affecting thousands of individuals across cities like Freiburg and Cologne. |
| 2026-05-28 | RCE | FortiClient Code Execution Vulnerability Exploited to Deploy EKZ Malware | Writeup of CVE-2026-35616 in FortiClient EMS details how attackers exploit improper access control to deploy the EKZ Infostealer. The vulnerability allows unauthenticated API access, enabling threat actors to modify endpoint policies and weaponize the legitimate `on_connect` directive for script execution. This leads to managed endpoints downloading and running a PowerShell payload that installs EKZ, a credential stealer targeting Chromium and Gecko browsers, exfiltrating passwords, cookies, and autofill data. |
| 2026-05-28 | AI | Indirect Prompt Injection Is Now a Real-World AI Security Threat | Library for data-layer governance of AI agents, enabling cryptographic authentication, real-time attribute-based access policy evaluation, and tamper-evident audit trails to prevent data exfiltration and credential theft. This approach provides independent enforcement, ensuring security even when models are compromised or prompts are manipulated, addressing vulnerabilities like those seen in GrafanaGhost, ForcedLeak, GeminiJack, and DockerDash, and satisfying regulatory compliance demands. |
| 2026-05-28 | API Security | FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework | Library update addressing CVE-2026-48710 in Starlette, the framework powering FastAPI, which allows authentication bypass via malformed Host headers. This flaw, rated as High by researchers at X41 D-Sec, can lead to SSRF and RCE in AI tools, model-serving infrastructure, and API gateways. A patch is available in Starlette 1.0.1 and later. |
| 2026-05-28 | API Security | FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework | Tool for detecting authentication bypass vulnerabilities in applications built with the Starlette framework, which powers FastAPI. The flaw, CVE-2026-48710, allows unauthenticated attackers to bypass host-validation protections by sending malformed Host headers containing special characters like slashes or question marks. This can lead to authentication bypass, SSRF, and potentially remote code execution, impacting LLM gateways, MCP servers, and agent infrastructure. A website, badhost.org, is available to test for the vulnerability. |
| 2026-05-28 | RCE | Microsoft SharePoint Server Flaw Enables Remote Code Execution Attacks | Analysis of CVE-2026-45659, a critical remote code execution flaw in Microsoft SharePoint Server. This vulnerability, stemming from deserialization of untrusted data (CWE-502), carries a CVSS v3.1 score of 8.8 and can be exploited over a network with low attack complexity and no user interaction, requiring only authenticated access. Exploitation allows attackers to execute arbitrary code within the SharePoint server context, potentially leading to lateral movement, privilege escalation, and data breaches. Microsoft has released security updates to patch this high-priority vulnerability. |
| 2026-05-28 | RCE | Angular Language Service Extension Flaws Allow Remote Code Execution | Library containing vulnerabilities in the Angular Language Service VS Code extension (Angular.ng-template) before version 21.2.4. Exploits include JSDoc Markdown command injection and unsafe handling of TypeScript SDK configurations, allowing attackers to achieve remote code execution through malicious project files. These flaws bypass VS Code's Workspace Trust model, enabling arbitrary command execution during workspace initialization or via user interaction with tooltips. Affected CWEs include CWE-79, CWE-94, CWE-427, and CWE-494. |
| 2026-05-28 | Python | CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV | Writeup of CVE-2026-31431, a Linux kernel privilege escalation vulnerability dubbed "Copy Fail," which allows unprivileged local users to achieve root access by corrupting the kernel's in-memory page cache. The vulnerability impacts Linux distributions shipped since 2017 and has been added to CISA's KEV catalog due to active exploitation. Exploitation is facilitated by a Python-based exploit that uses legitimate system calls, making detection difficult and lowering the entry barrier for attackers, posing significant risks to containerized environments like Docker, LXC, and Kubernetes. |
| 2026-05-28 | AI | Prompt Injection in 2026 for Web3 Security | Library for mitigating prompt injection in Web3 AI agents, addressing risks like wallet manipulation, DAO governance capture, and secret leakage. It emphasizes hardening the architecture around LLMs, including data flows, retrieval pipelines, and tool permissions, as model-layer defenses alone are insufficient. The library highlights common override phrases like "disregard previous instructions" as high-risk indicators and acknowledges sophisticated evasion techniques beyond simple keyword matching, particularly for indirect prompt injection via untrusted content. |
| 2026-05-27 | Supply Chain | CrowdStrike Google shatter Glassworm botnet | Tool for identifying and remediating application vulnerabilities, leveraging AI to detect issues before production. This resource discusses the impact of LLMs on API attacks, the challenges in data sovereignty, and the trend towards "headless" SaaS architectures, exemplified by Salesforce and Anthropic. It also touches on the hardware crunch impacting IT infrastructure and the evolving landscape of cloud-native platforms. |
| 2026-05-27 | Supply Chain | Glassworm Group: Software Supply-Chain Attackers Disrupted | Analysis of the Glassworm Group's software supply-chain attacks details their use of GlasswormRAT, a Node.js-based remote access Trojan, to poison code repositories like VS Code Marketplace and Open VSX. The group leverages stolen developer credentials to force-push malicious code into default branches of over 300 GitHub repositories, targeting Windows, Mac, and Linux systems. Their resilient command-and-control infrastructure utilized the Solana blockchain, BitTorrent, and Google Calendar for C2 server resolution. Indicators of compromise include connections to CrowdStrike-operated IP address 164.92.88.210. |
| 2026-05-27 | Supply Chain | CrowdStrike and Google take down botnet used by hackers to target software developers in supply chain attacks | Analysis of the Glassworm botnet, a threat actor that targeted open source developers and their supply chains for two years. CrowdStrike, Google, and Shadowserver collaborated to disrupt Glassworm's operations by taking down four command-and-control channels. Glassworm employed strategies like distributing malicious extensions, malvertising, and credential stuffing to compromise over 300 GitHub repositories. The botnet leveraged infrastructure including the Solana blockchain, BitTorrent, and Google Calendar. |
| 2026-05-27 | RCE | Microsoft Issues Out-of-Band SharePoint Patch | Microsoft has released an out-of-band patch for SharePoint to address a critical security vulnerability. This urgent update is necessary to protect users from potential exploits targeting the platform. The specific details of the vulnerability and the patch are available via the provided link. No bug bounty payout information is mentioned in this content. |
| 2026-05-27 | API Security | Attackers Can Exploit BadHost to Access Sensitive AI Agent Server Endpoints | Vulnerability, CVE-2026-48710, named BadHost, allows attackers to bypass authentication in AI agent servers by manipulating HTTP Host headers. This critical flaw affects Starlette versions before 1.0.1, a framework underpinning many FastAPI applications used for LLM inference, agent frameworks, and MCP gateways. Attackers can exploit this to access sensitive AI models, internal tools, and API keys by causing the application to misinterpret request paths. Upgrading Starlette, using more robust authentication mechanisms in FastAPI, or employing reverse proxies can mitigate this risk. |
| 2026-05-27 | Supply Chain | Glassworm botnet disrupted after resilient C2 infrastructure takedown | Analysis of Glassworm botnet disruption details its resilient C2 infrastructure, which leveraged Solana blockchain transactions, BitTorrent DHT, Google Calendar, and direct server connections. Researchers from CrowdStrike, Google, and The Shadowserver Foundation simultaneously took down these four channels, preventing infected machines from receiving new instructions or payloads. The report highlights Glassworm's targeting of developers through malicious OpenVSX and VS Code extensions, as well as npm packages, and provides YARA rules to identify infections. |
| 2026-05-27 | Supply Chain | Megalodon Malware Infects Over 5500 GitHub Repositories | Megalodon malware has compromised over 5,500 repositories on GitHub. The malware, which targets Windows and Linux systems, installs itself as a cryptocurrency miner. Researchers discovered that Megalodon uses open-source tools and aims to steal cryptocurrency wallet credentials. This widespread infection highlights significant security vulnerabilities within the developer ecosystem, emphasizing the need for robust security practices and ongoing monitoring of code repositories. The exact impact and potential for data exfiltration are still being assessed. |
| 2026-05-27 | SSRF | AI Security Guard: Server-Side Request Forgery: What It Is & How To Fix It | This article from AI Security Guard explains Server-Side Request Forgery (SSRF). SSRF is a vulnerability where an attacker can trick a server into making requests to unintended locations, potentially accessing internal resources or external services. The article likely details how SSRF attacks work, their potential impact, and provides guidance on how to prevent and mitigate these vulnerabilities. It is presented as a guide to understanding and securing against SSRF. No bounty payout amount is mentioned. |
| 2026-05-27 | SSRF | AI Security Guard: Server-Side Request Forgery: What It Is & How To Fix It | Server-Side Request Forgery (SSRF) is a vulnerability where an attacker can trick a server into making unintended requests to internal or external resources. This can lead to data breaches, unauthorized access, and even remote code execution. The article explains SSRF and outlines methods to prevent it, focusing on proper input validation, network segmentation, and disallowing direct access to sensitive internal systems. It emphasizes treating all user-supplied input as untrusted. No bug bounty payout amount is mentioned. |
| 2026-05-27 | SSRF | 0xk4rim: WAF bypass via decimal IP (DWORD): how 127.0.0.1 becomes 2130706433 and bypasses naive filters. #BugBounty #SSRF #WebSecurity @yeswehack @Hacker0x01 @Bugcrowd | This content describes a Web Application Firewall (WAF) bypass technique discovered by 0xk4rim. The method involves converting an IP address, specifically localhost (127.0.0.1), into its decimal (DWORD) equivalent, 2130706433. This decimal representation circumvents naive WAF filters that may not properly validate or process IP addresses in this format. The technique is relevant to Bug Bounty hunting, SSRF vulnerabilities, and general web security. |
| 2026-05-27 | SSRF | Vulert: CVE-2026-45568: Critical SSRF risk in zrok Python ProxyShare. Attackers may abuse the flaw to send unauthorized requests to internal systems or protected backend resources. #CVE #SSRF #zrok #CyberSecurity #Vulert | A critical Server-Side Request Forgery (SSRF) vulnerability, CVE-2026-45568, has been identified in zrok Python ProxyShare. This flaw allows attackers to send unauthorized requests to internal systems or protected backend resources. |
| 2026-05-27 | Supply Chain | GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure | Library focused on disrupting the GlassWorm software supply chain attack campaign, which targeted developers via trojanized VS Code extensions, npm, and Python packages. This campaign aimed to steal credentials, cryptocurrency, and exfiltrate system data, often deploying GlassWormRAT. Attackers leveraged resilient C2 channels including the Solana blockchain, BitTorrent DHT, Google Calendar, and commercial VPS providers to maintain access and propagate, poisoning over 300 GitHub repositories. |
| 2026-05-27 | API Security | Vulnerability in open-source component puts AI platforms at risk | Library affecting Starlette, a foundational framework for AI platforms like FastAPI, vLLM, and LiteLLM, is vulnerable due to CVE-2026-48710, dubbed BadHost. This flaw allows attackers to bypass access controls by manipulating HTTP Host headers, potentially exposing internal applications, authentication data, API keys, and sensitive corporate information, especially within AI agents that interact with external data sources. A patch is available in Starlette 1.0.1. |
| 2026-05-27 | Bug Bounty | The AI Era Is Creating a Bug Hunting Arms Race | Survey of AI's impact on bug hunting, detailing how agentic AI models are accelerating vulnerability discovery and exploit development, leading to an arms race. This surge is flooding bug bounty programs, changing payout economics, and pressuring traditional disclosure timelines like 90-day deadlines, as seen with projects like Curl and the Linux mailing list. Researchers like Joseph Thacker are leveraging AI for increased submissions, while companies like Google are adapting reward programs, and some advocate for structural defenses over patching to mitigate risks posed by AI-enabled zero-day exploits from both criminal and nation-state actors. |
| 2026-05-27 | RCE | SharePoint Has a New RCE Flaw. If You Haven't Patched Yet Go Do That. | Writeup of CVE-2026-45659, a high-severity Microsoft SharePoint remote code execution vulnerability. Exploitable by authenticated attackers with minimal Site Member permissions, the flaw stems from deserialization of untrusted data and does not require complex conditions. Microsoft has released patches for SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Enterprise Server 2016. This follows other recent SharePoint targeting, including CVE-2026-32201 being added to CISA's KEV catalog. |
| 2026-05-27 | RCE | Microsoft Edge Multiple Vulnerabilities | Bulletin on Microsoft Edge vulnerabilities, including CVE-2026-9110 through CVE-2026-9124 and CVE-2026-9126, which allow remote code execution, denial of service, security restriction bypass, and sensitive information disclosure. Affected versions are prior to 148.0.3967.83. The solution is to update to version 148.0.3967.83 or later. |
| 2026-05-27 | Supply Chain | TeamPCP Compromised LiteLLM in AI Supply Chain Attack | Library compromising LiteLLM through an AI supply chain attack involved poisoning the Trivy scanner to steal CI/CD tokens, enabling the publication of malicious LiteLLM packages to PyPI. These packages used source injection and stealthy .pth file execution to harvest credentials for OpenAI, Anthropic, Azure, AWS, and Kubernetes, highlighting risks in AI infrastructure and developer pipelines. |
| 2026-05-27 | AI | Beyond the hype: A CIO's guide to LLM risk management | Reference on LLM risk management for CIOs, this guide classifies LLM use cases, inventories embedded AI, and governs data, permissions, outputs, drift, and vendor obligations. It details questions for internal teams and vendors regarding data privacy, system access, prompt injection, and bias testing. The framework emphasizes ownership, acceptable usage policies, risk classification, enterprise inventories, security controls for prompt injection and access scoping, data governance for agentic AI, monitoring, third-party risk, and audit preparedness against NIST AI Risk Management Framework, ISO 42001, and the EU AI Act. |
| 2026-05-27 | SSRF | Mahmoud BARRY (Docteur JS): Day #11 of #100DaysOfCyber \| Exploiting an #SSRF. The day before yesterday we covered the theory behind SSRF (Server-Side Request Forgery). Today it's on to the PortSwigger hands-on lab to see how it works in practice in Burp Suite. The scenario: The application offers | Mahmoud BARRY (Docteur JS👨💻): Day #11 of #100DaysOfCyber \| Exploiting an #SSRF. The day before yesterday, we covered the theory behind SSRF (Server-Side Request Forgery). Today, on to the hands-on lab from... |
| 2026-05-26 | Python | Starlette vulnerability exposes millions of AI agents to hackers | Library for Python's Starlette framework addresses critical vulnerabilities including CVE-2024-47874 and CVE-2025-62727, which impact AI agents and crypto tools. These flaws enabled denial-of-service attacks through improper handling of large multipart form data and crafted Range headers, respectively. Patched versions are 0.40.0 and 0.49.1, though widespread adoption across thousands of downstream projects may lag, leaving AI-driven trading bots and DeFi automation tools exposed to memory poisoning and unauthorized transactions. |
| 2026-05-26 | SQLi | Ghost CMS Vulnerability Exploited to Hack Over 700 Websites | Writeup of CVE-2026-26980, an SQL injection vulnerability in Ghost CMS, details how threat actors exploited it for mass attacks. Unauthenticated attackers can extract sensitive data, including authentication tokens and user credentials. The vulnerability was leveraged to obtain Admin API Keys, allowing malicious JavaScript loaders for ClickFix attacks to be injected into articles. Over 700 websites, including those of DuckDuckGo, Harvard University, and Oxford University, were compromised by at least two active threat groups. |
| 2026-05-26 | Supply Chain | Socket Raises $60M for Wider Software Supply-Chain Defense | Library for securing software supply chains, Socket provides protection for developer endpoints, AI ecosystems, browser extensions, and editor plug-ins. It addresses the growing threat of malicious packages and dependencies introduced by AI development tools and open-source packages, offering features like Socket Firewall to block threats before they reach pipelines. The company has secured $60 million in funding to expand its security controls across broader software ecosystems and enhance its human-vetted threat analysis capabilities. |
| 2026-05-26 | RCE | Multiple Angular Language Service Extension Vulnerabilities Enable RCE Attacks | Library exploits in the Angular Language Service Visual Studio Code extension, specifically GHSA-ccq4-xmxr-8hcq, enable RCE via JSDoc hover command injection and insecure TypeScript SDK configuration loading. Attackers can craft malicious JSDoc comments or workspace settings to execute arbitrary commands on developer systems, bypassing VS Code's Workspace Trust. Versions prior to 21.2.4 are affected, with patches available in release 21.2.4. |
| 2026-05-26 | Supply Chain | Well-architected best practices for software supply chain security | Reference for software supply chain security best practices, aligned with the AWS Well-Architected Framework. This document details techniques to mitigate risks from compromised maintainer accounts and malicious package downloads, referencing incidents like Shai-Hulud and the exploitation of npm packages. Key recommendations include using temporary credentials, enforcing least privilege access, implementing multi-factor authentication, and utilizing artifact signing with services like AWS Signer to create defense-in-depth strategies. |
| 2026-05-26 | SQLi | Drupal bug added to CISA list of known exploited vulnerabilities | Library |
| 2026-05-26 | Python | llama.cpp GGUF Parser Flaws: Critical Integer Overflow Enables Arbitrary Reads in Every Local AI Stack | Library of six vulnerabilities found in llama.cpp's GGUF parser, including a critical integer overflow (V-01) allowing arbitrary file reads and memory exhaustion flaws (V-02, V-03) affecting tools like Ollama and LM Studio. These issues, including V-01 and V-02, are present in the C++ gguf.cpp and Python gguf_reader.py implementations, and unlike CVE-2026-7482 (Bleeding Llama), do not have assigned CVE numbers, bypassing standard scanning workflows. |
| 2026-05-26 | RCE | Microsoft SharePoint Server Vulnerability Enables Remote Code Execution Attacks | Library for securing Microsoft SharePoint Server, addressing CVE-2026-45659, a critical vulnerability enabling remote code execution via deserialization of untrusted data. The flaw, exploitable by authenticated users with Site Member permissions through a network attack with low complexity, requires immediate patching. Mitigations include applying security updates, auditing permissions, monitoring logs for suspicious activity, isolating internet-facing instances, and potentially enabling WAF rules against malicious deserialization payloads. |
| 2026-05-26 | Supply Chain | Supply Chain Cybersecurity: The Vital Lessons for All CSCOs | Analysis of supply chain cybersecurity risks, highlighting the impact of NotPetya on Maersk and recent attacks on UK grocery chains and JLR. The article stresses the importance of patch management, business continuity, multi-factor authentication, asset visibility, dependency tracking, and continuous compliance monitoring to mitigate threats from increasingly complex, technology-dependent global networks and the growing attack surface from AI adoption. |
| 2026-05-26 | API Security | Ghost CMS vulnerability exploited in large-scale campaign | Analysis of CVE-2026-26980, a critical SQL injection in Ghost CMS affecting versions 3.24.0 through 6.19.0, details its exploitation in a large-scale campaign. Attackers leverage this vulnerability to steal admin API keys, inject malicious JavaScript, and deploy malware like UtilifySetup.exe via ClickFix attack flows. The campaign impacts numerous domains, including universities and companies, with a fix available in Ghost CMS 6.19.1. |
| 2026-05-26 | RCE | Microsoft Patches SharePoint Remote Code Execution Bug | Microsoft has released a security update to address a critical remote code execution (RCE) vulnerability in SharePoint Server. This bug, if exploited, could allow an unauthenticated attacker to gain control of a vulnerable system. The vulnerability is present in multiple versions of SharePoint Server, including: SharePoint Enterprise Server 2013, SharePoint Foundation 2013, SharePoint Enterprise Server 2016, and SharePoint Server Subscription Edition. Users are strongly advised to apply the patches immediately to protect their systems from potential compromise. |
| 2026-05-26 | Supply Chain | New supply chain attack targets Laravel PHP packages with credential stealer | Library for detecting and mitigating supply chain attacks targeting PHP packages, specifically those affecting Laravel-Lang. This attack campaign, identified on May 22-23, 2026, involved malicious version tags published to packages like `laravel-lang/lang` and `laravel-lang/attributes`. The campaign distributed a credential stealer designed to collect cloud credentials, authentication tokens, cryptocurrency data, browser data, password manager vaults, and API keys from infected hosts, then exfiltrate and self-delete. |
| 2026-05-26 | Supply Chain | Why Are Software Supply Chains Under Constant Siege? | Library for securing software supply chains, addressing risks from AI-generated code, compromised dependencies like those in npm, and manipulated CI/CD pipelines. It highlights how AI accelerates development while also enabling sophisticated, autonomous attacks, evolving vulnerability discovery and exploitation. The library targets common attack vectors including open-source vulnerabilities, malicious packages, compromised maintainers, secrets, and developer environments, recognizing trust as a primary exploitable element. |
| 2026-05-26 | SQLi | Ghost CMS Vulnerability Exploited to Hack Over 700 Websites | Library for identifying and mitigating SQL injection vulnerabilities, specifically addressing the Ghost CMS flaw exploited in mass attacks. This vulnerability, when unpatched, allowed threat actors to steal Admin API keys, inject malicious JavaScript into articles, and execute large-scale ClickFix attacks. The exploit impacted over 700 websites, including those of Harvard, Oxford, and DuckDuckGo, with competing attacker groups actively overwriting each other's malicious code. |
| 2026-05-26 | SSRF | SNI proxy SSRF vulnerabilities: Misconfigurations exploitation and defense | This article discusses Server-Side Request Forgery (SSRF) vulnerabilities specifically in SNI proxies. It details how misconfigurations in these proxies can be exploited, leading to SSRF attacks. The content also covers methods for defending against these vulnerabilities. The provided link offers further insights into this technical security topic. No specific bounty amounts are mentioned. |
| 2026-05-26 | RCE | Chrome Security Update Patches Two Critical RCE Flaws: One Exploit Still Public Unpatched | Library for detecting and mitigating browser-based threats, including two critical RCE flaws patched in Chrome (CVE-2026-9111, CVE-2026-9110). It also addresses the publicly disclosed, unpatched Browser Fetch API vulnerability, which enables persistent background connections and potential botnet enrollment across Chromium-based browsers like Edge and Brave, requiring manual updates or enterprise patch management for protection. |
| 2026-05-26 | RCE | Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions | Advisory for CVE-2026-45659, an important severity remote code execution vulnerability in Microsoft SharePoint. This flaw, assigned a CVSS score of 8.8, allows an authenticated attacker with minimum Site Member permissions to execute code over a network. Microsoft has released patches across various server versions to address this deserialization of untrusted data vulnerability, discovered by researcher MEOW. |
| 2026-05-26 | Supply Chain | Why developer machines are now the number one target for supply chain attacks | Library providing enhanced security for developer machines, addressing the growing threat of supply chain attacks targeting workstations. It extends visibility beyond package registries to include IDE extensions, browser plugins, and AI tools, offering granular telemetry to detect and prevent vulnerabilities before they impact production. Examples mentioned include attacks via malicious VS Code extensions, Trivy, and compromised packages, highlighting the limitations of traditional EDR tools in monitoring developer environments. |
| 2026-05-26 | RCE | High-severity SharePoint RCE bug patched by Microsoft (CVE-2026-45659) | Writeup of CVE-2026-45659, a high-severity SharePoint RCE vulnerability patched by Microsoft. This flaw allows authenticated attackers to execute arbitrary code remotely on vulnerable SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Enterprise Server 2016 instances through deserialization of untrusted data, requiring low attack complexity without user interaction. |
| 2026-05-26 | SQLi | CVE-2026-9082: Critical Drupal SQL Injection Vulnerability Affects PostgreSQL Deployments | A critical SQL injection vulnerability, CVE-2026-9082, has been identified in Drupal, specifically impacting deployments using PostgreSQL. This flaw allows attackers to inject malicious SQL code into database queries, potentially leading to unauthorized data access, modification, or deletion. Users are strongly advised to update their Drupal installations to patch this vulnerability and secure their PostgreSQL databases. Further details and mitigation steps are available at the provided link. |
| 2026-05-26 | Supply Chain | TeamPCP Emerges as a Growing Threat to Open-Source Software and AI Ecosystems | Analysis of TeamPCP details their emerging threat to open-source software and AI ecosystems through sophisticated software supply chain attacks. This hacker group compromises widely used open-source packages and developer tools, injecting malicious code into software dependencies and pipelines. TeamPCP's operations exploit developer trust in community-driven platforms, impacting numerous applications and organizations. Their activities highlight the growing trend of financially motivated attacks targeting software infrastructure, urging enhanced verification, dependency monitoring, and stricter governance around third-party software integrations, particularly with accelerating AI adoption. |
| 2026-05-26 | Supply Chain | Perplexity Bumblebee Stops Dangerous Supply-Chain Attacks | Library for auditing local developer environments, Perplexity Bumblebee scans lockfiles and manifests directly to identify supply-chain risks without executing code. It addresses the gap left by SBOMs and EDRs, particularly concerning post-install scripts within packages like those affecting TanStack and SAP, and auditable MCP configurations for AI tools like Cursor and Claude Desktop. Bumblebee is a zero-dependency, read-only binary suitable for startups, solo developers, and enterprises to prevent unnoticed pipeline spread. |
| 2026-05-26 | SQLi | CISA orders feds to patch actively exploited Drupal vulnerability | Vulnerability writeup detailing CVE-2026-9082, an actively exploited SQL injection flaw in Drupal's database abstraction API. Discovered by Michael Maturi and flagged as highly critical, this unauthenticated vulnerability allows attackers to target PostgreSQL-powered sites, potentially leading to information disclosure, privilege escalation, and remote code execution. CISA mandated U.S. federal agencies to patch by May 27th, citing its inclusion in the Known Exploited Vulnerabilities catalog and its frequent use as an attack vector. |
| 2026-05-26 | RCE | Active Exploitation of CVE-2026-5426 in KnowledgeDeliver LMS Enables Godzilla (BLUEBEAM) Web Shell and Cobalt Strike Attacks | Analysis of CVE-2026-5426 in KnowledgeDeliver LMS reveals exploitation of hardcoded ASP.NET machineKey values, enabling unauthenticated remote code execution. Threat actors deploy the Godzilla (BLUEBEAM) web shell and Cobalt Strike BEACON payloads, targeting Japanese enterprises and educational institutions. Attackers leverage ViewState deserialization for initial access, install web shells for persistence, and employ social engineering to deliver Cobalt Strike to user endpoints, leading to widespread compromise. |
| 2026-05-26 | Supply Chain | Google blocks AI Powered Cyber Attack on 2FA and Megalodon Malware attack on GitHub | Analysis of AI-powered attacks and supply chain threats, detailing Google's blocking of an AI-driven attack on 2FA using PROMPTSPY malware, which leveraged Gemini AI to automate exploitation of server vulnerabilities, and the Megalodon malware campaign infecting over 5,500 GitHub repositories through poisoned pipeline execution attacks targeting automated workflows. |
| 2026-05-26 | Supply Chain | TrapDoor Supply Chain Attack Actively Exploiting npm PyPI and CratesIO to Steal Developer Credentials in Crypto DeFi Solana and AI Sectors | Library of tools and techniques for detecting and mitigating the TrapDoor supply chain attack, which actively exploits npm, PyPI, and CratesIO packages to steal developer credentials. This sophisticated campaign targets the crypto, DeFi, Solana, and AI sectors, leveraging malicious packages to exfiltrate AWS keys, GitHub tokens, SSH keys, and cryptocurrency wallet secrets. TrapDoor also uniquely abuses AI coding assistants by embedding hidden instructions in `.cursorrules` and `CLAUDE.md` files, tricking tools into exfiltrating secrets. Mitigation involves auditing dependencies, rotating credentials, searching for persistence artifacts like cron jobs and Git hooks, and monitoring for suspicious network traffic. |
| 2026-05-26 | SQLi | Active Exploitation Alert: Ghost CMS CVE-2026-26980 Mass Attack Hijacks 700 Sites for ClickFix Malware Campaigns | Library for detecting and mitigating CVE-2026-26980, a critical unauthenticated blind SQL injection vulnerability in Ghost CMS. This flaw allows attackers to steal Admin API Keys, inject malicious JavaScript for social engineering, and deploy stealer malware. The exploit chain involves automated reconnaissance, exploitation of the Content API, and redirection to fake Cloudflare CAPTCHA pages to trick users into downloading malware. Mitigation requires immediate patching to version 6.19.1+, rotating credentials, and scanning content for injected scripts. |
| 2026-05-26 | Supply Chain | Megalodon GitHub Supply Chain Attack Hits 5500 Repos | Library of GitHub Actions workflows used in the "Megalodon" supply chain attack, which compromised over 5,500 repositories. This attack campaign leveraged malicious commits to inject workflows designed to harvest CI/CD secrets, cloud access keys, and API tokens. The campaign exploited the `workflow_dispatch` feature for dormant backdoor creation and was linked to compromised versions of the Tiledesk open-source package. |
| 2026-05-26 | OSINT | 30 Cybersecurity Search Engines Every Researcher Should Bookmark | This article highlights 30 essential cybersecurity search engines for researchers. These specialized tools offer unique functionalities beyond general search engines, aiding in tasks like threat intelligence gathering, vulnerability discovery, and network reconnaissance. By leveraging these resources, cybersecurity professionals can more effectively identify and analyze potential risks, improving their overall defensive strategies and understanding of the digital threat landscape. |
| 2026-05-25 | RCE | From Auth Bypass to RCE: A 4-Vulnerability Exploit Chain in DataEase | Writeup of a 4-vulnerability exploit chain in DataEase, including CVE-2026-40899, CVE-2026-40900, and CVE-2026-40901, alongside a previously disclosed authentication bypass. This chain enables unauthenticated remote command execution and data exposure by leveraging a JDBC blocklist bypass for arbitrary file read, stacked SQL injection for database manipulation, and Quartz deserialization for RCE. The exploit targets DataEase versions up to v2.10.21, and users should upgrade to v2.10.21 or later. |
| 2026-05-25 | Fuzzing | Wireshark 4.6.6 Patches Critical ROHC and MACsec Vulnerabilities | Wireshark version 4.6.6 has been released, addressing critical vulnerabilities in the ROHC and MACsec protocols. These patches are essential for users to protect against potential security risks. The update is now available, and users are strongly encouraged to upgrade to the latest version to ensure their systems are secure. |
| 2026-05-25 | SQLi | CISA Warns Drupal Core SQL Injection Vulnerability Is Being Exploited in Attacks | Writeup of CVE-2026-9082, an actively exploited SQL injection vulnerability in Drupal Core. This CWE-89 flaw allows unauthenticated attackers to execute malicious SQL queries, potentially leading to privilege escalation, data exposure, and remote code execution. CISA has added it to its Known Exploited Vulnerabilities catalog, mandating remediation for federal agencies. Organizations should apply patches, harden database access, and update WAF rules to mitigate risks. |
| 2026-05-25 | Supply Chain | Automated 'Megalodon' Campaign Spreads GitHub Repo Backdoors | Library for detecting automated supply-chain attacks like the "Megalodon" campaign, which injected malicious GitHub Actions workflows to steal secrets from over 5,000 repositories. The attack targeted CI/CD pipeline secrets, cloud credentials, and SSH keys. The campaign used fake push requests, base64-encoded bash payloads, and two variants: "SysDiag" for mass execution on every push/pull request, and "Optimize-Build" for dormant backdoors triggered via API. It affected numerous repositories, including Tiledesk. |
| 2026-05-25 | Supply Chain | Automated 'Megalodon' Campaign Spreads GitHub Repo Backdoors | Library of GitHub Actions workflows that spread the 'Megalodon' campaign, targeting over 5,000 repositories. This automated attack injects base64-encoded bash payloads via forged author identities, stealing CI/CD secrets, cloud credentials, and SSH keys. Variants include 'SysDiag' and 'Optimize-Build,' with affected repositories needing commit reverts, secret rotation, and audit log reviews, particularly for OIDC federation. |
| 2026-05-25 | SQLi | Drupal warns of active exploitation attempts targeting critical SQL injection flaw | Analysis of CVE-2026-9082, a critical SQL injection vulnerability affecting Drupal sites using PostgreSQL, details active exploitation attempts observed by Imperva. This flaw in Drupal's database abstraction API allows unauthenticated attackers to execute arbitrary SQL, leading to potential information disclosure, privilege escalation, and remote code execution. CISA has added it to the KEV catalog, and agencies must secure systems by May 27. Patches are available for supported Drupal versions, and immediate updates are advised. |
| 2026-05-25 | RCE | nginx-poolslip Flaw Enables DoS and Remote Code Execution | Analysis of CVE-2026-9256, "nginx-poolslip," reveals a critical heap-based buffer overflow in NGINX Plus and Open Source, exploitable remotely by unauthenticated attackers for denial-of-service or remote code execution. Exploitation involves crafting rewrite directives with overlapping PCRE capture groups and leverages a multi-stage ASLR bypass via heap probing and Heap Feng Shui techniques, ultimately enabling interactive root-level shell access. Mitigation includes patching affected NGINX versions and replacing unnamed PCRE capture groups with named ones in rewrite rules. |
| 2026-05-25 | SQLi | Ghost CMS SQL Injection Hits 700 Sites: Harvard DuckDuckGo Serve Fake Cloudflare Malware | Library for detecting and remediating CVE-2026-26980, a critical SQL injection vulnerability in Ghost CMS versions 3.24.0 through 6.19.0. This flaw allows unauthenticated attackers to steal Admin API Keys, enabling them to inject malicious JavaScript into published articles. The compromised sites are then used to serve fake Cloudflare verification pages, tricking visitors into executing PowerShell scripts that download stealer trojans and other malware. The exploitation targets the Content API's slug-filter-order.js serializer and has impacted hundreds of websites, including those of Harvard University and DuckDuckGo. |
| 2026-05-25 | Supply Chain | Hackers Compromise 34 npm PyPI and Crates Packages in Major Supply Chain Attack | Survey of the "TrapDoor" supply chain attack, which compromised 34 npm, PyPI, and Crates.io packages, including `eth-security-auditor` and `wallet-security-checker`. The attack uses ecosystem-specific techniques like post-install scripts and compile-time code execution to steal SSH keys, cloud credentials, and crypto wallet data, while employing persistence mechanisms and attempting AI prompt injection via hidden instructions in files like `.cursorrules`. |
| 2026-05-25 | Supply Chain | Who is TeamPCP the rising hacker group targeting open-source software and AI tools? | Writeup on TeamPCP, a hacker group executing software supply chain attacks. They have targeted entities like GitHub, OpenAI, and Mercor, exploiting vulnerabilities in tools like VSCode extensions, Next.js, and Trivy to deploy malware and steal credentials. TeamPCP utilizes worms like 'Mini Shai-Hulud' to automate its operations, aiming for financial gain through ransomware and data extortion. Their tactics involve corrupting open-source software and AI tools, impacting hundreds of companies and raising concerns about secure development practices. |
| 2026-05-25 | SQLi | Ghost CMS CVE-2026-26980 Exploited to Hijack 700 Sites for ClickFix Attacks | Writeup of CVE-2026-26980 in Ghost CMS, an SQL injection vulnerability allowing unauthenticated attackers to hijack admin API keys and poison over 700 sites. Threat actors injected malicious JavaScript loaders, often powered by Adspect, to facilitate ClickFix attacks through fake CAPTCHA pages and ultimately deliver malware like a modified Grape desktop client or a PuTTY client. The vulnerability was addressed in Ghost CMS version 6.19.1. |
| 2026-05-25 | Supply Chain | Socket Uncovers Supply Chain Attack on Cryptocurrency and AI Developers | Analysis of the TrapDoor supply chain attack reveals a sophisticated campaign targeting developers across npm, PyPI, and Crates.io. The malware, distributed via GitHub, infiltrates systems by masquerading as helpful developer tools, stealing sensitive data like wallet credentials, API keys, and browser extension information from popular services including Coinbase, Binance, and MetaMask. It specifically targets AI programming assistants like Claude and Cursor, aiming to trick them into executing workflows that expose secrets. Persistence mechanisms are employed via scheduler tasks and autostart, meaning simple removal is insufficient, necessitating comprehensive key rotation and system compromise checks. |
| 2026-05-25 | Supply Chain | Over 5500 GitHub Repositories Infected in Megalodon Supply Chain Attack | Writeup on the Megalodon supply chain attack, which infected over 5,500 GitHub repositories. The campaign leveraged malicious GitHub Actions workflows to steal credentials, keys, and tokens. Attackers injected over 5,700 commits within a six-hour window, deploying payloads to exfiltrate sensitive information like AWS, GCP, and Azure credentials, as well as SSH keys. The attack was discovered following the identification of compromised Tiledesk NPM packages. |
| 2026-05-25 | API Security | What Actually Matters For Web Application Security In The AI Era? | Analysis of web application security in the AI era highlights the evolving threat landscape, with AI-driven attacks projected to reach 28 million globally in 2025. Traditional perimeter-based security is insufficient as modern applications rely heavily on APIs, cloud services, and AI-driven features, significantly expanding the attack surface. API security incidents are prevalent, affecting 87% of organizations, and AI-generated code exhibits a 2.7x higher vulnerability density, frequently including SQL injection and cross-site scripting. Effective security is now a design decision, requiring proactive architectural planning for authentication, API authorization, and session management, rather than reactive remediation. |
| 2026-05-25 | SQLi | CISA Warns of Drupal Core SQL Injection Vulnerability Exploited in Attacks | Alert regarding CVE-2026-9082, a critical SQL injection vulnerability in Drupal Core, actively exploited and listed on CISA's Known Exploited Vulnerabilities catalog. This CWE-89 flaw, impacting the database abstraction API, enables attackers to execute malicious SQL queries, leading to potential privilege escalation and remote code execution. CISA mandates remediation by May 27, 2026, for federal agencies under BOD 22-01, urging immediate patching, log monitoring, WAF implementation, and consideration of service shutdowns if patching isn't feasible. |
| 2026-05-25 | SQLi | Ghost CMS Users Under Attack: Why Developers Must Act Fast | Writeup on CVE-2026-26980, an actively exploited SQL injection vulnerability in Ghost CMS, impacting over 700 domains. Attackers leverage this flaw, combined with ClickFix social engineering tactics, to steal admin API keys and inject JavaScript. Mitigation involves upgrading to Ghost 6.19.1, rotating keys, auditing admin access, monitoring server logs, and training teams against suspicious prompts. |
| 2026-05-25 | Supply Chain | npm Introduces 2FA-Gated Publishing and New Install Controls to Strengthen Supply Chain Security | Library updates from npm introduce staged publishing, requiring 2FA approval for package releases to prevent automated compromise and malicious injections. New install controls like `--allow-file`, `--allow-remote`, and `--allow-directory` offer granular restrictions on package sources, addressing the rise in software supply chain attacks seen in campaigns targeting npm packages. |
| 2026-05-25 | Supply Chain | TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm PyPI and CratesIO | Library detailing the TrapDoor supply chain attack campaign that spread credential-stealing malware across npm, PyPI, and Crates.io. This coordinated campaign utilized malicious packages like `async-pipeline-builder` and `cryptowallet-safety`, employing techniques such as `trap-core.js` JavaScript payloads, Rust `build.rs` scripts, Python import-time execution, and the unusual tactic of implanting hidden instructions in `.cursorrules` and `CLAUDE.md` files to trick AI assistants. The attack targeted developers in crypto, DeFi, Solana, and AI, aiming to steal secrets, wallets, and credentials, with persistence achieved via cron jobs, systemd, Git hooks, and SSH. |
| 2026-05-25 | AI | Three Prompt Injection Patterns Your AI Security Detection Stack Misses | Library for detecting prompt injection attacks on LLMs, addressing gaps in traditional WAF and EDR coverage. It details three injection patterns: indirect injection via document content (AML.T0054.002), second-order injection through AI agent tool calls, and conversation-history poisoning (AML.T0054.001). Detection logic focuses on analyzing RAG pipeline logs, agent orchestration logs (tool-call/response pairs), and conversation-session metadata to identify instruction-formatted text and behavioral shifts, aligning with MITRE ATLAS subtechniques and OWASP's LLM Top 10. |
| 2026-05-24 | Supply Chain | Megalodon Supply Chain Attack: TeamPCP Compromises 5561 GitHub Repositories via Malicious CI/CD Workflows | Library detailing the Megalodon campaign, a supply chain attack by TeamPCP that compromised 5,561 GitHub repositories via malicious CI/CD workflows. The attack leveraged compromised developer credentials, injecting bash scripts that exfiltrated secrets like AWS and Azure credentials, SSH keys, and OIDC tokens to a C2 server. Variants included SysDiag and Optimize-Build workflows, and attackers also published malicious npm packages impersonating the Polymarket project, demonstrating worm-like propagation and reaching targets in Iran and Israel. |
| 2026-05-24 | RCE | Critical Active Exploitation Alert: CVE-2026-48172 in LiteSpeed cPanel Plugin Enables Root Privilege Escalation | Alert detailing CVE-2026-48172, a critical privilege escalation vulnerability in LiteSpeed cPanel Plugin versions 2.3 through 2.4.4. This flaw allows authenticated users to execute arbitrary scripts as root due to incorrect privilege assignment in the `lsws.redisAble` function. The vulnerability, classified under CWE-266, is actively exploited in the wild by opportunistic threat actors, leading to full system compromise and potential deployment of malware or ransomware. Mitigation involves upgrading the plugin to version 2.4.7+ or uninstalling it, and reviewing logs for exploitation indicators like `cpanel_jsonapi_func=redisAble`. |
| 2026-05-24 | SSRF | Mahmoud BARRY (Docteur JS): Day #9 of #100DaysOfCyber \| Concept of the Day: #SSRF. Yesterday on Day 8 we talked about WAF and Rate Limiting to secure our infrastructure and our applications. But attackers will always look for techniques to get around these barriers. One of | This post, Day 9 of #100DaysOfCyber by Mahmoud BARRY, introduces the concept of Server-Side Request Forgery (SSRF). It follows a discussion on Web Application Firewalls (WAF) and Rate Limiting from Day 8. The author notes that attackers continuously seek methods to bypass security measures, highlighting SSRF as one such technique. The summary focuses on the core topic of SSRF and its relation to bypassing security controls. No bounty amount is mentioned. |
| 2026-05-24 | RCE | Drupal Remote Code Execution vulnerability | Vulnerability advisory describing a Drupal Remote Code Execution flaw impacting various versions of Drupal 8.9 and later, up to Drupal 11.3.10, that allows attackers to execute code, manipulate data, elevate privileges, and disclose sensitive information. Patches are available for Drupal 8.9 and Drupal 9.5, and updates are recommended for Drupal 10.4.x through 11.3.x. End-of-life versions like Drupal 8 and 9 may have other unaddressed vulnerabilities. |
| 2026-05-24 | SQLi | Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign | Writeup of CVE-2026-26980, a critical SQL injection vulnerability in Ghost CMS, details its exploitation in large-scale ClickFix campaigns. Threat actors leverage the flaw to steal admin API keys, injecting malicious JavaScript into articles to deploy payloads like the UtilifySetup.exe malware. Vulnerable versions range from 3.24.0 to 6.19.0, with attacks impacting numerous domains, including prominent universities and tech companies. Mitigation involves upgrading to Ghost CMS 6.19.1 or later, rotating API keys, and reviewing logs for indicators of compromise. |
| 2026-05-24 | Supply Chain | Active Exploitation Alert: Laravel Lang PHP Packages Compromised in Supply Chain Attack to Deploy Credential-Stealing Malware | Writeup on a supply chain attack targeting Laravel Lang PHP localization packages (laravel-lang/lang, laravel-lang/attributes, laravel-lang/http-statuses, laravel-lang/actions) which deployed credential-stealing malware. Attackers exploited GitHub version tagging to inject malicious code, impacting developers by exfiltrating cloud provider keys, developer secrets, browser passwords, and cryptocurrency wallets via a PHP dropper and secondary payload communicating with flipboxstudio[.]info. |
| 2026-05-24 | SQLi | U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog | Vulnerability report detailing CVE-2026-9082, a critical SQL injection flaw in Drupal Core affecting PostgreSQL databases. This unauthenticated vulnerability allows attackers to compromise sites, leading to information disclosure, privilege escalation, and remote code execution. CISA has added it to its Known Exploited Vulnerabilities (KEV) catalog, mandating federal agencies to address it by May 27, 2026, following widespread exploitation observed by firms like Imperva. |
| 2026-05-24 | SSRF | Vishal Vishwakarma: Day 11 / 30 SSRF DORKS PAYLOADS First payload should always be Collaborator. Confirm DNS hit then chase metadata. #bugbountytips #ssrf #bugbounty #cybersecurity #infosec | This entry from Vishal Vishwakarma's 30-day bug bounty challenge focuses on Server-Side Request Forgery (SSRF) techniques. The core advice for day 11 is to prioritize using a Collaborator payload first to confirm a DNS hit. Once confirmed, the next step is to attempt to retrieve metadata. This strategy aims to efficiently identify and exploit SSRF vulnerabilities. |
| 2026-05-24 | SSRF | Gray Hats: A critical Angular hostname hijacking vulnerability allows SSRF attacks. Discover the impact on platform-server and how to patch your apps. #Angular #SSRF #WebSecurity #Vulnerability #AppSec | A critical vulnerability in Angular allows for hostname hijacking, enabling Server-Side Request Forgery (SSRF) attacks. This impacts the platform-server component, posing a significant web security risk. Developers are advised to understand the full implications and apply necessary patches to their applications. The content highlights the importance of addressing this vulnerability to prevent potential exploitation and maintain application security. |
| 2026-05-23 | AI | AI Security Solutions In 2026: Tools To Secure AI | Platform for AI security posture management (AI-SPM) that provides centralized visibility and risk assessment across the AI lifecycle, from development to runtime. It maps your AI estate using a security graph to detect and prioritize risks like model exposure and prompt injection, addressing threats such as shadow AI, data poisoning, and over-permissioned agents. The platform secures infrastructure, governs training data, restricts agent permissions, and monitors live model behavior for anomalies, with Wiz AI-SPM being a leading solution for comprehensive AI security. |
| 2026-05-23 | SQLi | CVE-2026-9082: Drupal's Highly Critical SQL Injection Flaw Is Already Under Active Attack | Writeup of CVE-2026-9082, a critical SQL injection vulnerability in Drupal affecting PostgreSQL installations. Exploitation attempts began immediately after the patch, with Imperva observing over 15,000 attacks in two days targeting sites globally. The vulnerability allows unauthenticated attackers to inject arbitrary SQL, leading to information disclosure, privilege escalation, or remote code execution. Administrators are urged to apply the security patch immediately. |
| 2026-05-23 | Supply Chain | npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks | Library enabling staged publishing for npm packages, requiring 2FA approval before release to mitigate supply chain attacks. It introduces "npm stage publish" via npm CLI 11.15.0+, demanding maintainer verification for every publish, including CI/CD and OIDC workflows. New install flags—`--allow-file`, `--allow-remote`, `--allow-directory`—provide granular control over non-registry installation sources, mirroring allowlist approaches. |
| 2026-05-23 | RCE | Nginx-poolslip Vulnerability Enables DoS and Code Execution Attacks | Library detailing CVE-2026-9256, the nginx-poolslip vulnerability affecting NGINX Plus and Open Source. This flaw, residing in `ngx_http_rewrite_module`, allows remote, unauthenticated attackers to trigger a heap buffer overflow (CWE-122) via crafted requests using overlapping PCRE capture groups in rewrite directives. Exploitation can lead to denial-of-service or code execution by hijacking the memory pool's cleanup handler pointer, a distinct code path to corruption. |
| 2026-05-23 | SSRF | xHackInSeconds: URL field accepted internal addresses. 169.254.169.254. IAM role credentials in the response. Full S3 and RDS access. #infosec #cloud #ssrf | A vulnerability was discovered where a URL field accepted internal addresses, specifically `169.254.169.254`. This allowed for Server-Side Request Forgery (SSRF), leading to the exposure of IAM role credentials. Consequently, attackers gained full access to S3 buckets and RDS instances. The report highlights a critical security flaw in cloud environments related to SSRF. |
| 2026-05-23 | SSRF | Afzal .: They don't attack the firewall directly. They trick your own server into doing it for them. Let's talk about Server-Side Request Forgery (SSRF) and why it's a critical vulnerability in modern web apps. #BugBounty #SSRF #CyberSecurity #InfoSec #InfosecTwitter #WebSecurity | Server-Side Request Forgery (SSRF) is a critical vulnerability in modern web applications. Instead of directly attacking a firewall, attackers exploit SSRF by tricking the application's own server into making requests on their behalf. This allows them to access internal systems or cloud metadata that would otherwise be inaccessible. Understanding and mitigating SSRF is crucial for robust web security. |
| 2026-05-23 | Supply Chain | Laravel-Lang Supply Chain Attack: Every Tag Across Multiple Composer Packages Rewritten to Steal CI Secrets | Writeup of the laravel-lang supply chain attack where a single actor rewrote all git tags across four popular Composer packages, including `laravel-lang/lang` and `laravel-lang/http-statuses`, to point to malicious commits. These commits added `src/helpers.php` to the `autoload.files` map, executing a payload upon application startup. The payload contacted `flipboxstudio.info`, dropped a PHP loader and ELF binary in `/tmp`, exfiltrated runner environment data, and then self-deleted. This technique bypassed standard version pinning, making pre-May 22, 2026 commit SHAs the only safe option. |