appsec.fyi · Sources

ox.security

8 curated AppSec resources from ox.security across 4 topics on appsec.fyi.

Resources curated from this publisher and indexed across appsec.fyi topic pages. Last item added: 2026-04-23.

| Date Added | Resource | Topic | Excerpt |
|---|---|---|---|
| 2026-04-23 | Shai-Hulud: The Third Coming — Bitwarden CLI Backdoored in Latest Supply Chain Campaign | Supply Chain | Shai-Hulud: The Third Coming — Bitwarden CLI Backdoored in Latest Supply Chain Campaign https://ift.tt/OsEXhPW |
| 2026-04-23 | Xinference allegedly hacked by TeamPCP, Malicious Package In PyPi | Supply Chain | Xinference allegedly hacked by TeamPCP, Malicious Package In PyPi https://ift.tt/vMwcIWt |
| 2026-04-20 | Supply Chain Attack Hits Vercel: User Data is Being Sold on BreachForums For $2M | Supply Chain | Supply Chain Attack Hits Vercel: User Data is Being Sold on BreachForums For $2M https://ift.tt/4aw2YkZ |
| 2026-04-16 | The Mother of All AI Supply Chains: Critical, Systemic Vulnerability at the Core of Anthropic’s MCP | AI | The Mother of All AI Supply Chains: Critical, Systemic Vulnerability at the Core of Anthropic’s MCP https://ift.tt/Yf8v473 |
| 2026-04-16 | MCP Supply Chain Advisory: RCE Vulnerabilities Across the AI Ecosystem | AI | MCP Supply Chain Advisory: RCE Vulnerabilities Across the AI Ecosystem https://ift.tt/dn3MWOq |
| 2026-04-05 | Known, Unpatched, Exploitable: Redash’s Python Sandbox Escape Gives Attackers Full Server Access | Python | Known, Unpatched, Exploitable: Redash’s Python Sandbox Escape Gives Attackers Full Server Access https://ift.tt/ESYHCpg |
| 2026-04-03 | Axios Compromised With A Malicious Dependency | Supply Chain | Axios Compromised With A Malicious Dependency https://ift.tt/UGiNTD9 |
| 2026-01-27 | XSS in Live Preview Microsoft VS Code Extension with 11M Downloads | XSS | The content discusses a Cross-Site Scripting (XSS) vulnerability found in the Live Preview feature of a popular Microsoft VS Code Extension with 11 million downloads. The vulnerability could potentially allow attackers to execute malicious scripts on users' systems. It highlights the importance of addressing security flaws in widely used software to prevent exploitation by malicious actors. |