Attacks & Vulnerabilities
Official CheckMarx Jenkins package compromised with infostealer (3 minute read)
TeamPCP, the same group behind the Shai-Hulud npm campaigns and the Trivy scanner breach, pushed a rogue version (2026.5.09) of Checkmarx's Jenkins AST plugin to the Jenkins Marketplace on May 9. They pivoted in via credentials stolen during their March compromise of Trivy, which Checkmarx never rotated. The malicious build sat outside the plugin's release pipeline, lacked a Git tag and GitHub release, and broke the project's date-based versioning scheme. Users should roll back to 2.0.13-829.vc72453fa_1c16 (December 17, 2025) or earlier, rotate every secret that touched a Jenkins runner executing the plugin, and hunt for lateral movement and persistence. Defenders should treat any vendor breach involving stolen repository credentials as a standing supply-chain risk until rotation is confirmed, and pull Checkmarx's published IOCs into CI/CD telemetry.
GTIG AI Threat Tracker: Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access (26 minute read)
The Google Threat Intelligence Group reported the first observed criminal use of an AI-developed zero-day, a 2FA-bypass exploit against an open-source sysadmin tool that GTIG disrupted before deployment. They also detailed PRC actors chaining persona jailbreaks with the "wooyun-legacy" Claude skill plugin and 85,000 historical bug cases to scale CVE analysis, along with Russia-nexus malware padding payloads with LLM-generated decoy logic to evade static signatures. The report highlights threats like PROMPTSPY, an Android backdoor that interprets on-screen UI and autonomously issues actions, and TeamPCP pivoting from supply-chain compromises to AI gateways using the SANDCLOCK stealer, with defenders advised to focus on AI tooling stacks, supply-chain assets, and detecting semantic logic flaws that static analysis tools may miss.
Linux bitten by second severe vulnerability in as many weeks (3 minute read)
Dirty Frag chains two Linux kernel bugs, CVE-2026-43284 and CVE-2026-43500, to allow low-privilege users to gain root by corrupting page cache data via the esp4/esp6 and rxrpc networking paths. The exploit code is public and has already been tested by attackers. Major distros like Debian, AlmaLinux, and Fedora now ship fixes, but protection still depends on fast patching and reboots, especially on shared servers and VMs.
IfYouRevokeThisTokenItWillWipeTheComputerOfTheOwner: Inside the New Shai-Hulud npm Worm (7 minute read)
A new Shai-Hulud variant has hit 42 @tanstack/* packages via a pull_request_target "Pwn Request" plus GitHub Actions cache poisoning and runtime OIDC token extraction from the Runner.Worker process, then harvested AWS, GCP, Kubernetes, Vault, GitHub, and SSH credentials on every install host. The worm uses GitHub's commit search index as a peer-to-peer bulletin board — infected hosts find each other's stolen tokens by querying for the literal sigil string — and plants a gh-token-monitor dead-man's switch that triggers destructive actions if the token is revoked before the persistence units are removed. Defenders should remove persistence (launchd/systemd units, Claude Code SessionStart hooks, VS Code tasks.json with runOn: folderOpen) before rotating tokens, block egress to api.masscan.cloud and the Session seed nodes, and hunt for .github/workflows/*.yml files.
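A hunting script for the persistence artifacts listed above, as an added example that is not code from the write-up or from TanStack; the config file locations and JSON keys it checks are assumptions based on each tool's documented settings format, and the sample tree it scans is constructed:

```python
"""Hunt for the persistence artifacts the Shai-Hulud write-up lists. Added
example, not the write-up's or TanStack's code; file locations and JSON keys
used below are assumptions based on each tool's documented config format."""
import json
import tempfile
from pathlib import Path

DEADMAN = "gh-token-monitor"  # dead-man's switch name given in the write-up

def _json(path: Path) -> dict:
    try:
        return json.loads(path.read_text())
    except (OSError, ValueError):
        return {}

def check_file(path: Path) -> list[str]:
    """Findings for one file; remove these before rotating any token."""
    name, parent = path.name, path.parent.name
    if name == "tasks.json" and parent == ".vscode":
        return [f"{path}: task {t.get('label', '?')!r} runs on folderOpen"
                for t in _json(path).get("tasks", [])
                if t.get("runOptions", {}).get("runOn") == "folderOpen"]
    if name == "settings.json" and parent == ".claude":
        hooked = "SessionStart" in _json(path).get("hooks", {})
        return [f"{path}: Claude Code SessionStart hook present"] if hooked else []
    if path.suffix in (".service", ".plist"):  # systemd / launchd units
        hit = DEADMAN in name or DEADMAN in path.read_text(errors="ignore")
        return [f"{path}: unit references {DEADMAN}"] if hit else []
    if path.suffix == ".yml" and path.parts[-3:-1] == (".github", "workflows"):
        return [f"{path}: workflow file, review for pull_request_target use"]
    return []

def hunt(root: Path) -> list[str]:
    return [f for p in sorted(root.rglob("*")) if p.is_file() for f in check_file(p)]

def demo() -> list[str]:
    """Hunt a constructed sample tree holding one artifact of each class."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        for sub in (".vscode", ".claude", ".config/systemd/user", "repo/.github/workflows"):
            (root / sub).mkdir(parents=True)
        task = {"label": "setup", "type": "shell", "command": "node setup.js",
                "runOptions": {"runOn": "folderOpen"}}  # command is a placeholder
        (root / ".vscode/tasks.json").write_text(json.dumps({"tasks": [task]}))
        hook = {"SessionStart": [{"hooks": [{"type": "command", "command": "node setup.js"}]}]}
        (root / ".claude/settings.json").write_text(json.dumps({"hooks": hook}))
        unit = root / ".config/systemd/user/gh-token-monitor.service"
        unit.write_text("[Service]\nExecStart=/usr/bin/node monitor.js\n")
        (root / "repo/.github/workflows/ci.yml").write_text("on: pull_request_target\n")
        return hunt(root)
```

Run `hunt(Path.home())` and `hunt(<checkout>)` on a real host; the ordering matters because the write-up's dead-man's switch fires if the token is revoked while the units are still in place.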
Detecting Remote Thread Creation with Windows Driver (4 minute read)
S12 walks through how EDRs detect CreateRemoteThread-style injection using PsSetCreateThreadNotifyRoutine, a kernel callback that fires in the creator's context — so comparing PsGetCurrentProcessId() against the notification's ProcessId reliably flags cross-process thread creation. The PoC WDF driver registers the callback in DriverEntry, logs creator/target PID pairs, and filters PID 4 (System) to suppress legitimate kernel-initiated threads. Defenders building on this should layer in thread start-address inspection (unbacked memory, non-image regions), creator process reputation, and correlation with image-load and handle-open callbacks before alerting, since the raw signal alone is noisy.
Postmortem: TanStack npm supply-chain compromise (18 minute read)
On May 11, an attacker used a pull_request_target workflow, GitHub Actions cache poisoning, and OIDC token theft from runner memory to push 84 malicious versions of 42 @tanstack/* npm packages. The payload ran during install, harvested cloud, Kubernetes, Vault, npm, GitHub, and SSH credentials, then exfiltrated them over the Session/Oxen network and tried to republish other packages owned by the victim. Detection came from external researchers within about 20 minutes. All bad versions were deprecated, caches purged, and workflows hardened.
EtwWatcher (GitHub Repo)
EtwWatcher is a static, browser-side web app for browsing and diffing snapshots of Windows ETW provider state across builds, letting detection engineers and threat hunters see which providers, events, keywords, and template fields shifted between Windows builds (including Patch Tuesday cumulative updates and Insider builds) without spinning up VMs. Snapshots are produced by the companion PowerShell module ETWInspector and committed as NDJSON. Users can also drop in their own .ndjson or .ndjson.gz for full in-browser analysis. Coverage spans Manifest, MOF, and TraceLogging providers — WPP is not yet supported, and MOF event metadata enumeration remains incomplete due to WMI quirks.
Daybreak OpenAI for cybersecurity (2 minute read)
OpenAI Daybreak introduces a defensive program that bakes security into software development by using GPT-5.5 and Codex Security for secure code review, threat modeling, patch validation, and dependency risk analysis. It supports workflows from triage and malware analysis to red teaming through graded access tiers, including GPT-5.5-Cyber, which offers stronger verification and account controls, and is being rolled out with industry and government partners.
Frame Security (Product Launch)
Frame Security has developed a human risk management platform covering the full security awareness lifecycle, from simulated attacks to employee training to threat triage. Its simulation module generates personalized phishing, voice, and video deepfake scenarios tailored to each employee's role and communication patterns.
Mythos finds a curl vulnerability (5 minute read)
Daniel Stenberg reported that Anthropic's heavily hyped Mythos model, run against curl's 178K-line codebase via the Linux Foundation's Alpha Omega program, produced five "confirmed" findings that the curl security team triaged down to a single low-severity CVE (slated for 8.21.0 in late June), plus ~20 non-vulnerability bugs — three were false positives flagging documented API behavior, and one was deemed "just a bug." Stenberg noted that prior AI scanners (AISLE, Zeropath, and OpenAI Codex Security) drove 200–300 merged bugfixes over 8–10 months, so Mythos's lighter haul reflects diminishing returns on a heavily fuzzed, audited codebase rather than weakness — and that AI tools still surface only known bug classes, not novel ones. Practitioners should treat AI code analyzers as now table-stakes (any project that hasn't run one likely has a backlog of findings waiting), pair them with traditional defenses, and discount vendor "dangerously good" framing until independent results land.
CHERIoT-Ibex: Closing the door on memory safety vulnerabilities with hardware-enforced protection (3 minute read)
Microsoft's CHERIoT-Ibex became the first open-source production-quality implementation of the CHERIoT ISA certified by the CHERI Alliance, extending LowRISC's 32-bit RISC-V Ibex core with capability-based hardware-enforced spatial and temporal memory safety plus fine-grained compartmentalization. The core targets embedded and IoT workloads where roughly 70 percent of Microsoft-assigned CVEs stem from memory safety defects in C/C++, and achieves its guarantees at power and area parity with low-cost microcontrollers. For defenders building tightly integrated firmware, the design constrains blast radius so a compromise in an exposed networking stack cannot pivot into privileged init or telemetry components on the same die.
Hackers accessed BWH Hotels reservation system for months (2 minute read)
BWH Hotels, the 4,000-property parent of Best Western, WorldHotels, and Sure Hotels, disclosed that an unauthorized third party maintained access to a guest reservation web application from October 14, 2025, until detection on April 22, 2026, exposing names, email addresses, phone numbers, home addresses, reservation numbers, stay dates, and special requests. Payment data was not stored in the affected system and remains uncompromised, and BWH has taken the application offline, revoked access, and engaged external responders. No group has claimed the intrusion, and affected guests should treat any inbound booking-related email, SMS, or call as likely phishing given the high-fidelity reservation context attackers now hold.