theregister.com
Resources curated from this publisher and indexed across appsec.fyi topic pages. Last item added: 2026-05-15.
| Date Added | Resource | Topic | Excerpt |
|---|---|---|---|
| 2026-05-15 | OpenAI caught in TanStack npm supply chain chaos after employee devices compromised | Supply Chain | Library detailing supply chain risks, including the OpenAI incident stemming from compromised employee devices impacting the TanStack npm package. It also touches upon AI agents' ability to create exploits, the strain agentic AI places on memory hierarchies, and the challenge of securing open-source registries with insufficient funding. The information highlights the evolving landscape of application security threats and the increasing reliance on AI. |
| 2026-05-13 | Bug hunter tracks down three serious MCP database flaws, one left unpatched | SQLi | Writeup detailing three critical vulnerabilities discovered in MCP databases by a security researcher. One of these flaws, impacting Apache and Alibaba databases, remains unpatched by the vendor, highlighting ongoing supply chain security risks within open-source software. The article emphasizes how AI-driven tools are increasing vulnerability discovery rates, leading to a surge in patches and a growing "vulnpocalypse." |
| 2026-05-11 | Checkmarx tackles another TeamPCP intrusion as Jenkins plugin sabotaged | Supply Chain | Analysis of a TeamPCP intrusion targeting a Jenkins plugin, highlighting the evolving landscape of supply chain attacks. This incident underscores the risks associated with untrusted agentic development layers and the growing threat of AI agent skills being exploited for malicious purposes, mirroring concerns around identity-based cyber resilience and the black market for compromised identities. |
| 2026-05-11 | Checkmarx tackles another TeamPCP intrusion as Jenkins plugin sabotaged | Supply Chain | Library that detects and mitigates supply chain attacks targeting CI/CD pipelines, as demonstrated by Checkmarx's response to an intrusion involving a Jenkins plugin sabotaged by TeamPCP. The article highlights the increasing risks associated with untrusted agentic development layers and the potential for AI agent skills to be exploited for supply chain compromise. |
| 2026-05-06 | CISA flags data-theft bug in NSA-built OT networking tool | XXE | Tool: CISA alert highlights a data-theft vulnerability in an NSA-developed operational technology networking tool. The advisory flags a critical flaw impacting the secure management of industrial control systems. |
| 2026-05-01 | The never-ending supply chain attacks worm into SAP, npm packages, other dev tools | Supply Chain | Survey of supply chain attacks targeting SAP npm packages, highlighting vulnerabilities within development tools. The article touches upon AI agents as potential attack vectors and the broader challenges in securing development environments and managing hardware lead times. It also mentions incidents like the "Ralph Wiggum" loop impacting Claude and the economic pressures on open-source registries to implement basic security measures. |
| 2026-04-30 | Google's fix for critical Gemini CLI bug might break your CI/CD pipelines | RCE, Supply Chain | Library for securing AI development layers, addressing vulnerabilities in agentic AI and supply chain risks. It discusses techniques for building secure development environments, managing trust in AI agent skills, and mitigating risks associated with AI models like Claude and Gemini. The library also touches upon hardware supply chain turbulence and identity resilience strategies in the context of AI. |
| 2026-04-30 | CISA flags data-theft bug in NSA-built OT networking tool | XXE | Report on a data-theft vulnerability in an NSA-developed operational technology networking tool, highlighting CISA's alert. The article mentions concerns around AI agents straining memory hierarchies and potential supply chain attacks via AI agent skills. It also touches on the cost-efficiency of AI agents using APIs versus visual interaction, and a workaround for Claude's commercial software limitations. |
| 2026-04-27 | Ongoing supply-chain attack 'explicitly targeting' security dev tools | Supply Chain | Library of security and developer tools affected by a sophisticated supply-chain attack. Threat actors, including Lapsus$, have targeted tools like Trivy, KICS, and Checkmarx's GitHub repositories, injecting credential-stealing malware and poisoning Docker images. This campaign also compromised Bitwarden's CLI and exposed sensitive data, including source code and API keys, demonstrating a direct assault on the security ecosystem. |
| 2026-04-22 | Another npm supply chain worm is tearing through dev environments | Supply Chain | Library for detecting npm supply chain worms, similar to CanisterWorm attacks attributed to TeamPCP and LiteLLM. This strain compromises packages like `@automagik/genie`, `pgserve`, and `@fairwords/websocket`, stealing secrets, API keys, and cryptocurrency wallet data. It exfiltrates information to both webhooks and ICP canisters, utilizing a "TeamPCP/LiteLLM method" and self-propagation logic to infect additional packages and PyPI repositories. |
| 2026-04-21 | Vibe coding upstart Lovable denies data leak, cites 'intentional behavior', then throws HackerOne under the bus | API Sec | Writeup detailing a Broken Object Level Authorization (BOLA) vulnerability exploited by an OSINT researcher against the vibe coding platform Lovable. The vulnerability allowed unauthorized access to sensitive user data, including credentials, chat history, and source code, via publicly accessible projects. Lovable's initial response attributed the exposure to "intentional behavior" and unclear documentation before blaming bug bounty platform HackerOne for mishandling the researcher's report. |
| 2026-04-19 | CISA tells feds to patch 13-year-old Apache ActiveMQ bug under active attack | RCE | Reference for CVE-2026-34197, a critical remote code execution vulnerability in Apache ActiveMQ Classic. This 13-year-old flaw, now on CISA's Known Exploited Vulnerabilities catalog, allows authenticated attackers to run arbitrary OS commands via the Jolokia management API. The vulnerability is exacerbated by common default credentials and can be chained with CVE-2024-32114 on certain versions to enable unauthenticated exploitation. Patches are available in ActiveMQ versions 5.19.5 and 6.2.3. |
| 2026-04-19 | What to Expect from BSides, Black Hat, and DEF CON 2025 | Talks | Survey of 2025 Hacker Summer Camp previews, detailing expected content at BSides Las Vegas, Black Hat, and DEF CON. Topics include password cracking techniques, financial system security risks, AI vulnerabilities, Apple zero-days, Windows Hello bypasses, satellite exploits, and government cybersecurity policy. Specific sessions cover custom password cracking rigs, LLM vulnerability analysis in the DARPA AI Cyber Challenge, and car hacking demonstrations. The events also feature networking opportunities, hiring tracks, and capture-the-flag competitions. |
| 2026-04-15 | Agents hooked into GitHub can steal creds, but Anthropic, Google, and Microsoft haven't warned users | AI | Library for detecting prompt injection vulnerabilities in AI agents integrated with GitHub Actions. Researchers demonstrated that agents like Anthropic's Claude Code Security Review, Google's Gemini CLI Action, and Microsoft's GitHub Copilot can be tricked via "comment and control" prompt injection into leaking API keys and GitHub access tokens. This attack can occur proactively when pull requests are opened or issues are filed, bypassing existing security layers. |
| 2026-04-11 | 10K Docker Images Spray Live Cloud Creds | Secrets | Analysis of 10,456 Docker images reveals over 100 companies, including a Fortune 500 firm and a major bank, inadvertently exposing live cloud credentials and API keys for AI services. Flare's research indicates that secrets are often baked into build contexts and published via informal "shadow IT" accounts, bypassing enterprise monitoring. Even after removal from images, exposed secrets frequently remain active, necessitating the use of secrets management tools and pre-push scanning. |
| 2026-04-11 | Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise | Supply Chain | Analysis of supply chain compromise via attacks on Trivy and Axios, demonstrating the future of malware delivery. Attackers leveraged vulnerabilities in open source tools, including a vulnerability scanner and a JavaScript library, to steal secrets and plant backdoors. These incidents highlight the growing threat of sophisticated social engineering and the potential for AI-driven attacks to target developer environments and compromise tens of thousands of organizations. |
| 2026-04-07 | AI agents found vulns in this popular Linux and Unix print server | RCE | Writeup of CVE-2026-34980 and CVE-2026-34990 in CUPS, a popular Linux and Unix print server, detailing how two chained vulnerabilities allow unauthenticated remote attackers to execute code and achieve root file overwrite. The flaws, discovered by AI agents and a security researcher, exploit CUPS' handling of anonymous print-job requests and option parsing to enable code injection. CVE-2026-34980 provides remote code execution as the `lp` user, which can then be chained with CVE-2026-34990, an authorization flaw, to gain root privileges. |
| 2026-04-03 | Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines | Supply Chain | Library alert detailing a sophisticated npm supply chain attack in which a hijacked maintainer account for the popular Axios package (used by 100 million weekly) introduced two backdoored versions: axios@1.14.1 and axios@0.30.4. Attackers bypassed CI/CD pipelines, publishing a malicious dependency, plain-crypto-js@4.2.1, which delivered cross-platform remote-access trojans (RATs) tailored for macOS, Windows, and Linux. This highly organized campaign, attributed to suspected North Korean threat actor UNC1069, highlights the significant risks associated with compromised dependencies and the need for robust application security practices. |