techzine.eu
Resources curated from this publisher and indexed across appsec.fyi topic pages. Last item added: 2026-05-08.
| Date Added | Resource | Excerpt |
|---|---|---|
| 2026-05-08 2026 | Ivanti patches five vulnerabilities in EPMM one actively being exploitedRCE | Writeup detailing Ivanti's patching of five vulnerabilities in Endpoint Manager Mobile (EPMM), including the actively exploited CVE-2026-6973. The advisory highlights CVE-2026-5788 for unauthenticated RCE, CVE-2026-5787 for Sentry impersonation, and CVE-2026-7821 for data access. The NCSC warns of imminent public PoC code, urging immediate patching to mitigate risks like those previously impacting Dutch organizations. |
| 2026-05-05 2026 | Popular Daemon Tools utility exploited in supply chain attackSupply Chain | Writeup on the Daemon Tools supply chain attack, where trojanized installers from the official vendor website delivered a backdoor. The attack affected versions 12.5.0.2421 through 12.5.0.2434, tampering with DTHelper.exe, DiscSoftBusServiceLite.exe, and DTShellHlp.exe to establish a persistent foothold. Command-and-control communications utilized a typosquatting domain and sophisticated implants like QUIC RAT, supporting multiple protocols. This incident mirrors the 3CX attack and highlights the growing threat of supply chain compromises. |
| 2026-04-28 2026 | Malicious Python package poses new supply chain threatPythonSupply Chain | Writeup detailing a supply chain attack on the `elementary-data` Python package, which was compromised via a GitHub Actions vulnerability. Attackers stole signing keys to publish a malicious version (0.23.3) that exfiltrated user profiles, cloud keys, API tokens, SSH keys, and .env file contents. Users are advised to rotate credentials, remove the malicious package, and check for a marker file, noting CI/CD runners are particularly at risk. |
| 2026-04-22 2026 | Nextcloud ends bug bounty program due to too many low-quality reportsBug Bounty | News about Nextcloud ending its bug bounty program due to an influx of low-quality, AI-generated vulnerability reports. Financial rewards are discontinued for all submissions, even critical ones, impacting the HackerOne platform. Valid reports will still be accepted but will not receive compensation. |
| 2026-04-20 2026 | Aikido Endpoint offers developers additional protection against supply chain attacksSupply Chain | Library for blocking supply chain attacks, Aikido Endpoint protects developer endpoints by monitoring and blocking high-risk packages, IDE extensions, browser plugins, and AI tools before installation. Built on the open-source Safe Chain CLI firewall, it prevents threats like those seen in Shai-Hulud, TeamPCP, and the Axios attack by employing default settings such as blocking packages published less than 48 hours ago. This targets vulnerabilities on developer machines, which contain sensitive information like cloud credentials and SSH keys, often missed by repository-focused security tools. |
| 2026-04-16 2026 | AI agents on GitHub leak API keys via prompt injectionAI | Library for detecting prompt injection vulnerabilities in AI agents, specifically detailing "Comment and Control" attacks on GitHub Actions. The vulnerability affects Claude Code Security Review (CVSS 9.4 Critical), Google Gemini CLI Action (bounty $1,337), and GitHub Copilot Agent (bypassing environment filtering, secret scanning, and network firewall). Attackers exploit PR titles, issue bodies, and comments to exfiltrate API keys and tokens like ANTHROPIC_API_KEY, GITHUB_TOKEN, GEMINI_API_KEY, and GITHUB_COPILOT_API_TOKEN. |
| 2026-04-09 2026 | Is 46% of your AI-generated code vulnerable?AI | Platform for securing AI-generated code, addressing research showing 46% of AI code contains vulnerabilities. It integrates Software Composition Analysis (SCA), Static Application Security Testing (SAST), and Dynamic Application Security Testing (DAST) directly into IDEs and LLMs like Gemini and GitHub Copilot, while also integrating with tools from Wiz, Snyk, and Black Duck. The platform emphasizes continuous governance throughout the Software Development Life Cycle (SDLC) and maintains the necessity of human oversight for final code acceptance and remediation. |
| 2026-04-03 2026 | Axios supply chain attack victim posts postmortem to prevent a repeatSupply Chain | Writeup detailing the Axios supply chain attack by North Korean group UNC1069, which injected Remote Access Trojans (RATs) via malicious versions `axios@1.14.1` and `axios@0.30.4`. The attack leveraged social engineering, including a fake Microsoft Teams call, and delivered payloads through the `plain-crypto-js@4.2.1` dependency. Remediation involves downgrading Axios, cleaning dependencies, rotating credentials, and monitoring network connections to `sfrclak.com`. Axios is implementing OIDC-based publishing and immutable releases to prevent future incidents. |