SAP npm Supply Chain ⛓️, GPT-5.5 Cyber Eval 🤖, Google Adjusts Bounties 🔍

TeamPCP compromised four SAP npm packages that receive 572,000 weekly downloads, plus Intercom's SDK and the Lightning deep learning framework

TLDR Information Security 2026-05-04

🔓

Attacks & Vulnerabilities

Ubuntu services hit by outages after DDoS attack (2 minute read)

Iraq's 313 Team executed a DDoS attack on Ubuntu and Canonical infrastructure. Outages lasted over 20 hours, blocking access to security APIs and update servers, preventing servers from installing or updating packages. Attackers used Beamed, a DDoS-for-hire service that generated 3.5 Tbps of traffic.

Trellix Confirms Source Code Breach With Unauthorized Repository Access (2 minute read)

Cybersecurity company Trellix disclosed unauthorized access to a portion of its source code repository. The company found no evidence that the code was exploited or that its release process was compromised. Trellix notified law enforcement and is working with forensic experts to investigate.

🧠

Strategies & Tactics

The case for dependency cooldowns in a post-axios world (4 minute read)

Recent npm supply chain compromises, including Axios (57M+ weekly downloads, 84,000 dependents), s1ngularity, and both Shai-Hulud waves, have weaponized semantic versioning ranges (^ and ~) into silent attacker delivery channels, with malicious versions propagating worldwide within minutes of publication. Dependency cooldowns enforce a delay before newly released versions become installable, and a 12-hour minimum would have blocked the Axios and s1ngularity attacks entirely since both were detected within 3 to 4 hours, though one week is the recommended window. Defenders should configure min-release-age in npm 11.10.0+, minimumReleaseAge in pnpm, npmMinimalAgeGate in Yarn, or Dependabot cooldown settings (which extend to GitHub Actions and Python), while pairing cooldowns with package scanners like GuardDog and install-time blockers like Supply-Chain Firewall since patient attackers will adapt by delaying payload execution past the window.
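
How a cooldown changes what a caret range resolves to, as an added example that is not from the newsletter or the linked article. The package name and release timeline are constructed, and the range matching is simplified to `^` with major version 1 or higher and no pre-releases.

```javascript
// Added illustration: cooldown-aware resolution of a caret range.
// The packument below is constructed sample data shaped like the npm
// registry's per-package metadata (a "time" map of version -> publish time).
const HOUR_MS = 60 * 60 * 1000;

function parse(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(v);
  return m ? m.slice(1).map(Number) : null; // null: pre-release or non-version key
}

function compare(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] - b[i];
  return 0;
}

// Caret semantics for major >= 1 only: same major, and >= the base version.
function satisfiesCaret(version, base) {
  return version[0] === base[0] && compare(version, base) >= 0;
}

// Highest version matching ^base whose publish time is at least
// cooldownHours before `now`. cooldownHours = 0 reproduces default behaviour.
function resolve(packument, base, cooldownHours, now) {
  const baseV = parse(base);
  let best = null;
  for (const [ver, published] of Object.entries(packument.time)) {
    const v = parse(ver);
    if (!v || !satisfiesCaret(v, baseV)) continue;
    const ageMs = now - Date.parse(published);
    if (ageMs < cooldownHours * HOUR_MS) continue; // still inside the window
    if (!best || compare(v, parse(best)) > 0) best = ver;
  }
  return best;
}

// Constructed timeline: 1.7.1 is a malicious release published three hours
// before the install runs (within the 3 to 4 hour detection time cited above).
const samplePackument = {
  name: "example-http-client", // hypothetical package name
  time: {
    created: "2026-01-01T00:00:00Z",
    modified: "2026-05-01T09:00:00Z",
    "1.6.0": "2026-03-01T00:00:00Z",
    "1.7.0": "2026-04-10T00:00:00Z",
    "1.7.1": "2026-05-01T09:00:00Z",
    "2.0.0": "2026-02-01T00:00:00Z",
  },
};
const installTime = Date.parse("2026-05-01T12:00:00Z");
```

With no cooldown, `^1.6.0` resolves to the three-hour-old 1.7.1; with a 12-hour or one-week window it stays on 1.7.0 until the new release has aged past the gate.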

Watch Guard! Qilin affiliate exploits network appliances for initial access (10 minute read)

Ctrl-Alt-Intel tracked a Qilin RaaS affiliate across 5 exposed open-directories from August 2025 to March 2026, observing 1,929 exploit invocations against 918 unique WatchGuard Firebox IPs (71.5% Germany, 28.1% US) using watchTowr's CVE-2025-9242 POC, alongside POCs for CVE-2025-14733, CVE-2025-40554 (SolarWinds), CVE-2025-59718 (FortiOS), CVE-2025-60021 (Apache bRPC), CVE-2026-24061, and CVE-2026-24423. The kill chain ran IKE exploitation on port 500 to force callbacks on port 2007, dropped a renamed Chisel binary (fos) for reverse SOCKS pivoting, and deployed Sliver C2 from servers at 31.57.147.229, 31.57.38.155, 23.27.140.108, and 23.27.143.170, with victim-named Qilin binaries (kruss, qusar, tron, sssd) capable of encrypting Linux, ESXi, and Nutanix AHV hosts via ChaCha20. Defenders should hunt for Sliver/Chisel processes on edge appliances, monitor /etc/wg config.xml access on WatchGuard, block the listed C2 IPs, patch the seven CVEs immediately, and treat firewalls/VPNs as high-priority telemetry gaps since these appliances rarely run AV/EDR stacks.

Seven Queries to Audit the Sentinel Detections Your SOC May Have Missed (8 minute read)

Rohitashokgowd published seven KQL queries that surface the failure modes Sentinel's built-in health checks miss: silent zombie rules running successfully against empty tables (using the underused QueryResultAmount column in _SentinelHealth), shadow detectors generating alerts that never become incidents, "everything is benign" rules where analyst Classification data shows over 90% non-actionable closures, broken feeds where rules query tables that stopped ingesting, forgotten-disabled rules flagged via SentinelAudit, untracked detections missing MITRE tactics or entity mappings, and coverage drift where a MITRE technique's alert volume drops 60%+ between rolling 30-day windows. Three of the checks depend on a rule inventory pattern in which a scheduled Logic App pulls ARM analytics rule definitions into a custom Log Analytics table (SentinelAnalyticalRules_CL), so query text and metadata can be joined in KQL. Detection engineers should run these quarterly to catch the dangerous middle ground where rules are green and data flows, but the detection pattern has stopped matching, and then retire, retune, or redirect rules accordingly rather than letting disabled rules and silent feeds masquerade as coverage.

🧑‍💻

Launches & Tools

SharkMCP (GitHub Repo)

SharkMCP is an MCP server that exposes Wireshark's programmatic interface (sharkd) as a set of tools to LLMs.

Pike Agent (GitHub Repo)

Pike Agent records and analyzes how programs behave on Linux. It traces a program's activity, indexes it into a database, and lets you chat with an LLM agent about it in a TUI.

TrailTool: CloudTrail for AI Agents (4 minute read)

TrailTool is an open-source AWS tool that pre-processes CloudTrail logs via Lambda and caches them in DynamoDB grouped by entities (People, Sessions, Roles, Services, and Resources) so AI agents can answer access-pattern questions without burning context on raw log queries. The CLI surfaces four agent-driven workflows: detecting ClickOps resource modifications, generating least-privilege IAM policies from session activity using iamlive mappings, auto-drafting permission fixes for AccessDenied errors, and validating break-glass justifications by comparing stated intent against actual session activity. Defenders deploy the Ingestor Lambda via SAM and query with standard AWS credentials. A hosted version is available at trailtool.io for teams that want to skip the deployment step.

🎁

Miscellaneous

76% of All Crypto Stolen in 2026 Is Now in North Korea (5 minute read)

North Korean hackers account for 76% of all cryptocurrency stolen in 2026, through two major breaches: $285 million from Drift Protocol and $292 million from KelpDAO. The DPRK uses AI to enhance social engineering and reconnaissance, enabling high-yield attacks at low frequency.

Celebrities' and Influencers' Private Communications Exposed in Stalkerware Data Breach (8 minute read)

Security researcher Jeremiah Fowler discovered an unprotected, unencrypted database containing nearly 87k screenshots of a user's device, taken by stalkerware. The database does not seem to be affiliated with the stalkerware company named in it, but rather a private individual's activities. Fowler notified the victim and law enforcement of the database.

Our Evaluation of OpenAI's GPT-5.5 Cyber Capabilities (5 minute read)

The UK's AI Security Institute (AISI) followed up on its evaluation of Claude Mythos with an evaluation of OpenAI's GPT-5.5 in its cyber range. The model was able to trivially complete all the CTF-style challenges and, in 2 out of 10 attempts (compared to Mythos' 3 out of 10), complete “The Last Ones” end-to-end challenge, which is meant to mimic an enterprise network. No model has yet been able to solve AISI's second cyber range, which mimics an Industrial Control System (ICS) network.

Quick Links

Google Adjusts Bug Bounties: Chrome Payouts Drop as Android Rewards Rise Amid AI Surge (2 minute read)

Google raised maximum Android VRP payouts to $1.5 million for zero-click Pixel Titan M exploits with persistence.

Two Americans Who Attacked Multiple U.S. Victims Using ALPHV BlackCat Ransomware Sentenced to Prison (3 minute read)

Ryan Goldberg and Kevin Martin, two cybersecurity professionals from the US, were each sentenced to four years in prison for deploying ALPHV BlackCat ransomware as affiliates against multiple American victims in 2023, extorting $1.2 million from one victim and leaking patient data from a doctor's office.

New Bluekit Phishing Kit Features AI Assistant (2 minute read)

Bluekit is a phishing kit advertising 40+ templates targeting Apple ID, iCloud, GitHub, Gmail, Ledger, and ProtonMail.

Thanks for reading,
Prasanna Gautam, Eric Fernandez & Sammy Tbeile

