[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"tag:open-source":3},{"tag":4,"articles":8,"awareness":457,"events":458,"tips":459,"focus_items":460,"total_count":461},{"slug":5,"name":6,"description":7},"open-source","Open Source","OSS vulnerabilities, package security, dependency risks",[9,18,27,36,45,54,63,72,81,90,99,108,117,126,135,144,153,162,171,180,189,198,206,215,224,233,242,251,260,269,278,286,295,304,313,322,331,340,349,358,367,376,385,394,403,412,421,430,439,448],{"id":10,"title":11,"slug":12,"brief":13,"ai_summary":14,"url":15,"image_url":16,"published_at":17},"f1b72fff-ed9c-408d-b98e-4f021d170880","Malicious Postinstall Hook Found Across 700+ GitHub Repositories, Including Packagist and Node.js Projects","malicious-postinstall-hook-found-across-700-github-repositories-including-packag-4fdf9d","Malicious postinstall hooks discovered across 700+ GitHub repos targeting PHP and Node.js packages via Packagist.","Socket researchers identified a coordinated supply chain campaign affecting eight Composer packages on Packagist, where upstream repositories were modified to include malicious postinstall scripts in package.json files. The scripts attempted to download a Linux binary named gvfsd-network from an attacker-controlled GitHub Releases URL, save it to \u002Ftmp\u002F.sshd, and execute it in the background with disabled TLS verification. A broader GitHub search revealed hundreds of additional references to the same attacker infrastructure across Node.js repositories, suggesting the campaign extends far beyond the confirmed Packagist findings.","https:\u002F\u002Fsocket.dev\u002Fblog\u002Fmalicious-postinstall-hook-found-across-700-github-repos?utm_medium=feed","https:\u002F\u002Fcdn.sanity.io\u002Fimages\u002Fcgdhsj6q\u002Fproduction\u002Fd66a69ec89dc89742b33b6b178982263b5f44386-1672x941.png?w=1000&q=95&fit=max&auto=format","2026-05-22T21:03:29.112+00:00",{"id":19,"title":20,"slug":21,"brief":22,"ai_summary":23,"url":24,"image_url":25,"published_at":26},"fdb6209c-f668-4c74-ae62-ebb67cbcecb4","RT @CISACyber: 🛡️ We added Drupal core SQL injection vulnerability CVE-2026-9082 to our KEV Cata...","rt-cisacyber-we-added-drupal-core-sql-injection-vulnerability-cve-2026-9082-to-o-02c8ea","CISA adds Drupal core SQL injection vulnerability CVE-2026-9082 to KEV catalog","CISA has added CVE-2026-9082, a SQL injection vulnerability in Drupal core, to its Known Exploited Vulnerabilities (KEV) catalog. The addition indicates this vulnerability is being actively exploited in the wild and organizations should prioritize patching. Administrators running Drupal should apply available security updates immediately.","https:\u002F\u002Fx.com\u002FCISAgov\u002Fstatus\u002F2057893782339592352",null,"2026-05-22T18:38:06+00:00",{"id":28,"title":29,"slug":30,"brief":31,"ai_summary":32,"url":33,"image_url":34,"published_at":35},"971838a3-7c15-45ba-85b7-e1d3fcaac759","AI Has Taken Over Open Source","ai-has-taken-over-open-source-079c96","AI-generated packages surge exponentially on npm, reshaping open source production and consumption.","Socket's analysis reveals AI coding tools have fundamentally transformed npm's ecosystem, driving a 10x increase in package creation since January 2026, identifiable by linguistic markers like em dashes. Simultaneously, AI-generated pull requests are overwhelming maintainers, while AI-driven dependency selection has made the software supply chain largely automated and opaque, creating significant supply-chain security risks that require automated scanning rather than manual review.","https:\u002F\u002Fsocket.dev\u002Fblog\u002Fai-has-taken-over-open-source?utm_medium=feed","https:\u002F\u002Fcdn.sanity.io\u002Fimages\u002Fcgdhsj6q\u002Fproduction\u002F28afd79494a5eae74cf7afee8124384497cef27a-1672x941.png?w=1000&q=95&fit=max&auto=format","2026-05-22T14:22:05.743+00:00",{"id":37,"title":38,"slug":39,"brief":40,"ai_summary":41,"url":42,"image_url":43,"published_at":44},"82ba1008-c993-4751-bc59-0fab8dbd4d3b","GitHub links repo breach to TanStack npm supply-chain attack","github-links-repo-breach-to-tanstack-npm-supply-chain-attack-8023fe","GitHub breach of 3,800 repos linked to malicious Nx Console extension in TanStack npm supply-chain attack","GitHub disclosed a breach of 3,800 internal repositories stemming from an employee installing a malicious version of the Nx Console VS Code extension, which was compromised as part of the TanStack npm supply-chain attack attributed to TeamPCP. The poisoned extension (v18.95.0) was designed to steal credentials for npm, AWS, Kubernetes, GitHub, and GCP\u002FDocker; it was live for ~18 minutes on VS Code Marketplace and 36 minutes on OpenVSX before removal. TeamPCP has claimed access to ~4,000 private GitHub repos and is demanding at least $50,000 for the data.","https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fgithub-links-repo-breach-to-tanstack-npm-supply-chain-attack\u002F","https:\u002F\u002Fwww.bleepstatic.com\u002Fcontent\u002Fhl-images\u002F2026\u002F05\u002F21\u002FGitHub_headpic.jpg","2026-05-21T06:54:01+00:00",{"id":46,"title":47,"slug":48,"brief":49,"ai_summary":50,"url":51,"image_url":52,"published_at":53},"0b73095a-cc81-4592-84a2-06a9e207040c","Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development","socket-raises-60m-series-c-at-a-1b-valuation-to-secure-software-supply-chains-fo-121e20","Socket raises $60M Series C at $1B valuation to defend software supply chains against AI-era attacks.","Socket, a software supply chain security platform, has closed a $60 million Series C funding round at a $1 billion valuation led by Thrive Capital. The company has grown to protect over 20,000 organizations and blocks more than 1,000 supply chain attacks weekly. The funding will support expansion of Socket Firewall, Certified Patches, and new products to defend against escalating open source attacks driven by AI-accelerated development.","https:\u002F\u002Fsocket.dev\u002Fblog\u002Fseries-c?utm_medium=feed","https:\u002F\u002Fcdn.sanity.io\u002Fimages\u002Fcgdhsj6q\u002Fproduction\u002F0337b9076a72c4bce75f310faa268cc504690409-1920x1080.png?w=1000&q=95&fit=max&auto=format","2026-05-20T15:25:11.368+00:00",{"id":55,"title":56,"slug":57,"brief":58,"ai_summary":59,"url":60,"image_url":61,"published_at":62},"b0cdc22d-65a4-4a05-9716-c78cb04f2def","New Shai-Hulud malware wave compromises 600 npm packages","new-shai-hulud-malware-wave-compromises-600-npm-packages-629679","Shai-Hulud campaign injects malware into 600+ npm packages to steal developer credentials.","Threat actors published 639 malicious versions across 323 unique packages to npm on May 19, 2026, primarily targeting the @antv ecosystem (charting and visualization libraries). The malware steals GitHub, npm, cloud, Kubernetes, and CI\u002FCD credentials, exfiltrating them via Session P2P network and GitHub repositories to evade detection. This is part of an ongoing Shai-Hulud campaign that began in September 2025 and now includes capabilities to forge valid Sigstore provenance attestations and establish persistence via VS Code and Claude Code configuration.","https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fnew-shai-hulud-malware-wave-compromises-600-npm-packages\u002F","https:\u002F\u002Fwww.bleepstatic.com\u002Fcontent\u002Fhl-images\u002F2026\u002F05\u002F19\u002Fbox.jpg","2026-05-19T14:30:22+00:00",{"id":64,"title":65,"slug":66,"brief":67,"ai_summary":68,"url":69,"image_url":70,"published_at":71},"d0ecb73f-26c2-4d60-a6c6-3c833eb87c33","Leaked Shai-Hulud malware fuels new npm infostealer campaign","leaked-shai-hulud-malware-fuels-new-npm-infostealer-campaign-70e54c","Leaked Shai-Hulud malware deployed in four malicious npm packages by threat actor.","A threat actor using the account deadcode09284814 published four malicious npm packages embedding the recently leaked Shai-Hulud malware, targeting developer credentials, secrets, and cryptocurrency wallet data. The packages used typosquatting tactics (e.g., chalk-tempalte, axois-utils) and included DDoS botnet functionality in addition to information-stealing capabilities. OXsecurity researchers attributed the malware to a different actor than TeamPCP, noting the unobfuscated source code deployment, and reported the packages were downloaded 2,678 times combined before removal.","https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fleaked-shai-hulud-malware-fuels-new-npm-infostealer-campaign\u002F","https:\u002F\u002Fwww.bleepstatic.com\u002Fcontent\u002Fhl-images\u002F2026\u002F05\u002F18\u002FNPM-worms.jpg","2026-05-18T17:28:02+00:00",{"id":73,"title":74,"slug":75,"brief":76,"ai_summary":77,"url":78,"image_url":79,"published_at":80},"a4399ddb-8240-45e7-ae06-2671b8e2243f","First Shai-Hulud Worm Clones Emerge","first-shai-hulud-worm-clones-emerge-07c859","Shai-Hulud worm clones emerge days after source code release on GitHub.","Days after TeamPCP released the Shai-Hulud worm's source code on GitHub, threat actors have begun deploying clones and variants in fresh supply chain attacks targeting NPM developers. A threat actor published four malicious NPM packages, including a direct Shai-Hulud clone called 'chalk-tempalte' and three typo-squatting packages targeting Axios users, with combined weekly downloads exceeding 2,600. Security researchers warn this marks the first phase of an upcoming wave of supply chain attacks leveraging the now-public malware code.","https:\u002F\u002Fwww.securityweek.com\u002Ffirst-shai-hulud-worm-clones-emerge\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2025\u002F11\u002Fmalware.jpeg","2026-05-18T09:45:15+00:00",{"id":82,"title":83,"slug":84,"brief":85,"ai_summary":86,"url":87,"image_url":88,"published_at":89},"c37eadb5-f0ce-4735-a8ae-ef3ce524e866","Grafana Says It Rejected Ransom Demand After Source Code Theft","grafana-says-it-rejected-ransom-demand-after-source-code-theft-9a110e","Grafana confirms source code theft via compromised GitHub token; rejects ransom demand.","Grafana Labs disclosed that attackers obtained a compromised GitHub token to access and download part of its source code repository. The company confirmed no customer data or systems were affected and rejected a subsequent ransom demand from the threat actor, citing FBI guidance against paying extortion. Grafana has revoked the compromised credentials and implemented additional safeguards while conducting a post-incident review.","https:\u002F\u002Fhackread.com\u002Fgrafana-source-code-theft-rejected-ransom-demand\u002F","https:\u002F\u002Fhackread.com\u002Fwp-content\u002Fuploads\u002F2026\u002F05\u002Fgrafana-source-code-theft-rejected-ransom-demand-2.png","2026-05-17T10:17:46+00:00",{"id":91,"title":92,"slug":93,"brief":94,"ai_summary":95,"url":96,"image_url":97,"published_at":98},"588fb153-269d-4446-896e-827e0d71454e","Funnel Builder WordPress plugin bug exploited to steal credit cards","funnel-builder-wordpress-plugin-bug-exploited-to-steal-credit-cards-bf2184","Funnel Builder WordPress plugin vulnerability exploited to inject payment card skimmers.","A critical unauthenticated vulnerability in the Funnel Builder WordPress plugin (affecting versions before 3.15.0.3) is being actively exploited to inject malicious JavaScript into WooCommerce checkout pages. Attackers inject payment card skimmers that steal credit card numbers, CVVs, and billing addresses from over 40,000 affected websites. The vendor released a patch and recommends immediate updates and review of External Scripts settings.","https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Ffunnel-builder-wordpress-plugin-bug-exploited-to-steal-credit-cards\u002F","https:\u002F\u002Fwww.bleepstatic.com\u002Fcontent\u002Fhl-images\u002F2026\u002F05\u002F15\u002FWoo.jpg","2026-05-15T19:30:33+00:00",{"id":100,"title":101,"slug":102,"brief":103,"ai_summary":104,"url":105,"image_url":106,"published_at":107},"30481466-b893-4cfb-b79f-82c4e440d27e","Popular node-ipc npm package compromised to steal credentials","popular-node-ipc-npm-package-compromised-to-steal-credentials-4a26b3","node-ipc npm package compromised with credential-stealing malware in three versions.","Hackers compromised the popular node-ipc npm package by injecting credential-stealing malware into versions 9.1.6, 9.2.3, and 12.0.1. The malware, hidden in the CommonJS entrypoint, fingerprints systems and exfiltrates sensitive data including cloud credentials, SSH keys, API tokens, and shell histories via DNS TXT queries. Developers using affected versions are urged to immediately remove them and rotate all exposed credentials.","https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fpopular-node-ipc-npm-package-compromised-to-steal-credentials\u002F","https:\u002F\u002Fwww.bleepstatic.com\u002Fcontent\u002Fhl-images\u002F2026\u002F05\u002F15\u002Fnpm.jpg","2026-05-15T17:10:42+00:00",{"id":109,"title":110,"slug":111,"brief":112,"ai_summary":113,"url":114,"image_url":115,"published_at":116},"d3fe269f-d683-4dc9-99ce-b0b3a34697a9","TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates","tanstack-supply-chain-attack-hits-two-openai-employee-devices-forces-macos-updat-ef5e7b","TanStack supply chain attack via Mini Shai-Hulud worm compromises two OpenAI employee devices.","OpenAI disclosed that two employee devices were compromised through the Mini Shai-Hulud supply chain attack targeting TanStack, resulting in unauthorized access to limited internal source code repositories and credential exfiltration. No production systems, user data, or intellectual property were compromised. OpenAI revoked and reissued code-signing certificates for macOS apps (ChatGPT Desktop, Codex App, Codex CLI, Atlas) and implemented containment measures including credential rotation and session revocation.","https:\u002F\u002Fthehackernews.com\u002F2026\u002F05\u002Ftanstack-supply-chain-attack-hits-two.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEj1l4Vq20M4553fkDfGbO9VqLV9Au-6EefivLp8HT2W5QxJvgWf1mr6pg5xsbC5j3FCJzOOCJv_CImY1LjjFYIN_25ajki1iS_EVPvTyeVY7bC3ogcQFzHmE1Xyaz3cRXneilC0rWcb8dLbUapLI_jZ-uBaUkku48absoxM6TG16jS3xxtw9lhhtCvJmemK\u002Fs1600\u002Fchatgpt.jpg","2026-05-15T10:54:44+00:00",{"id":118,"title":119,"slug":120,"brief":121,"ai_summary":122,"url":123,"image_url":124,"published_at":125},"db774f55-cdc0-43e9-8cb7-97202d95a48c","TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code","teampcp-ups-the-game-releases-shai-hulud-worm-s-source-code-1dd603","TeamPCP releases Shai-Hulud worm source code on GitHub, fueling supply chain attacks with monetary rewards.","The hacking group TeamPCP publicly released the source code for its Shai-Hulud worm on GitHub, accompanied by detailed deployment instructions, enabling copycat attacks across the open source ecosystem. TeamPCP and BreachForums simultaneously announced a \"supply chain challenge\" offering monetary rewards to cybercriminals who use the worm in attacks. Security researchers warn this will likely spawn variants and trigger a significant spike in sophisticated supply chain compromise activity.","https:\u002F\u002Fwww.securityweek.com\u002Fteampcp-ups-the-game-releases-shai-hulud-worms-source-code\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2025\u002F11\u002FNPM-code-software-development.jpeg","2026-05-15T09:47:09+00:00",{"id":127,"title":128,"slug":129,"brief":130,"ai_summary":131,"url":132,"image_url":133,"published_at":134},"dc4df06b-3420-4ee2-83ea-d61d9b12d105","TeamPCP hackers advertise Mistral AI code repos for sale","teampcp-hackers-advertise-mistral-ai-code-repos-for-sale-642776","TeamPCP hackers demand $25K for stolen Mistral AI source code via supply-chain compromise.","The TeamPCP threat actor group claims to have stolen approximately 5GB of source code from Mistral AI, a French AI company, following compromise via the Mini Shai-Hulud supply-chain attack that affected TanStack and npm\u002FPyPI packages. TeamPCP is advertising the 450 repositories for sale at $25,000 with a one-week deadline, threatening to leak the data publicly if no buyer is found. Mistral AI confirmed the breach occurred through compromised CI\u002FCD credentials but states core infrastructure and user data were unaffected.","https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fteampcp-hackers-advertise-mistral-ai-code-repos-for-sale\u002F","https:\u002F\u002Fwww.bleepstatic.com\u002Fcontent\u002Fhl-images\u002F2026\u002F05\u002F14\u002FMistral_AI.jpg","2026-05-14T22:50:36+00:00",{"id":136,"title":137,"slug":138,"brief":139,"ai_summary":140,"url":141,"image_url":142,"published_at":143},"bc8702b7-4f5c-421a-9fe6-ebf124d4e82d","‼️🇺🇸⚡ Lightning AI allegedly breached: internal codebase and project files exposed from the cre...","lightning-ai-allegedly-breached-internal-codebase-and-project-files-exposed-from-aef3a0","Lightning AI allegedly breached; internal codebase and PyTorch Lightning project files exposed.","A threat actor claims to have breached Lightning AI and leaked internal data including source code and project files related to PyTorch Lightning. The exposed materials were allegedly published by the actor. This incident poses a potential supply-chain risk given PyTorch Lightning's widespread use in the AI\u002FML community.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2055045072610013445","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHIT8mbzXQAAmUQj.jpg","2026-05-14T21:58:20+00:00",{"id":145,"title":146,"slug":147,"brief":148,"ai_summary":149,"url":150,"image_url":151,"published_at":152},"9118dacb-dc4e-4d55-8fe1-08774d67f4da","Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets","stealer-backdoor-found-in-3-node-ipc-versions-targeting-developer-secrets-958ff8","Stealer backdoor discovered in 3 node-ipc npm package versions targeting developer credentials.","Cybersecurity researchers discovered malicious code in three versions of the popular node-ipc npm package (9.1.6, 9.2.3, 12.0.1) published by a compromised account. The stealer\u002Fbackdoor harvests 90 categories of developer and cloud secrets—including AWS, Google Cloud, Azure, SSH keys, GitHub tokens, and Kubernetes credentials—and exfiltrates them via HTTPS and DNS tunneling to a C2 server. The attack uses sophisticated obfuscation and anti-detection techniques, including SHA-256 fingerprinting to target specific projects and DNS-based exfiltration to bypass corporate security controls.","https:\u002F\u002Fthehackernews.com\u002F2026\u002F05\u002Fstealer-backdoor-found-in-3-node-ipc.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEhTj2m9-HHmDEDzKIsalsJ_HJcwcUsIFajvcpTLP9QMyqS9F_JroTH7lXeOGZFuO6j6F-RzbIo1kBIQ0udSFQGzjN2hxO8ZfyFeHM5557BPI1sjiJ7cEMJJE62t11e07Wt1CsmAntpLHSM0XbnQDvVYNBfNdAOsob9kN6G6-mQjKX68fEE1nzy_Bn4TvxyK\u002Fs1600\u002Fnode.jpg","2026-05-14T17:22:43+00:00",{"id":154,"title":155,"slug":156,"brief":157,"ai_summary":158,"url":159,"image_url":160,"published_at":161},"aa9b6454-e13d-4366-9eb6-907d5da71be6","node-ipc npm Package Compromised in Supply Chain Attack","node-ipc-npm-package-compromised-in-supply-chain-attack-4ed0f2","node-ipc npm package compromised again with stealer\u002Fbackdoor malware in versions 9.1.6, 9.2.3, 12.0.1","Socket's threat detection system identified malicious versions of the widely-used node-ipc npm package within minutes of publication. The compromised versions 9.1.6, 9.2.3, and 12.0.1 contain obfuscated stealer\u002Fbackdoor code that fingerprints hosts, exfiltrates files, and attempts data exfiltration through DNS-selected endpoints. This marks the second major compromise of node-ipc, following the notorious 2022 incident and intermediate malicious versions in 2024.","https:\u002F\u002Fsocket.dev\u002Fblog\u002Fnode-ipc-package-compromised?utm_medium=feed","https:\u002F\u002Fcdn.sanity.io\u002Fimages\u002Fcgdhsj6q\u002Fproduction\u002F5bc29841f7aeae15eaf536fdf59b10d710268253-1047x661.png?w=1000&q=95&fit=max&auto=format","2026-05-14T15:48:51.85+00:00",{"id":163,"title":164,"slug":165,"brief":166,"ai_summary":167,"url":168,"image_url":169,"published_at":170},"126f004f-513c-4146-851c-7c3deb1bc57a","18-year-old NGINX vulnerability allows DoS, potential RCE","18-year-old-nginx-vulnerability-allows-dos-potential-rce-fac815","18-year-old NGINX heap buffer overflow vulnerability allows DoS and potential RCE.","An 18-year-old heap buffer overflow vulnerability (CVE-2026-42945) in NGINX was discovered using autonomous scanning and affects versions 0.6.27 through 1.30.0 with a critical CVSS score of 9.2. The flaw, triggered when NGINX configurations use 'rewrite' and 'set' directives, stems from inconsistent state handling in the rewrite engine that causes buffer size miscalculation. Remote code execution was demonstrated on systems with ASLR disabled; three additional memory corruption flaws were also disclosed.","https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002F18-year-old-nginx-vulnerability-allows-dos-potential-rce\u002F","https:\u002F\u002Fwww.bleepstatic.com\u002Fcontent\u002Fhl-images\u002F2026\u002F05\u002F14\u002FNGINX.jpg","2026-05-14T15:43:41+00:00",{"id":172,"title":173,"slug":174,"brief":175,"ai_summary":176,"url":177,"image_url":178,"published_at":179},"8c021596-bdc0-4ddb-b399-65abcbc96387","PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure","praisonai-cve-2026-44338-auth-bypass-targeted-within-hours-of-disclosure-d33a9e","PraisonAI CVE-2026-44338 auth bypass exploited within hours of disclosure","Threat actors began exploiting CVE-2026-44338, a missing authentication vulnerability in PraisonAI's legacy Flask API server, within 3 hours 44 minutes of public disclosure on May 11, 2026. The flaw (CVSS 7.3) allows unauthenticated access to sensitive endpoints including agent enumeration and workflow invocation. The vulnerability affects versions 2.5.6 through 4.6.33 and has been patched in version 4.6.34.","https:\u002F\u002Fthehackernews.com\u002F2026\u002F05\u002Fpraisonai-cve-2026-44338-auth-bypass.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEg2IaSkdVZD_wyJJT-sODoazviDXhw3MGkn5XHYocnTL1YfLJpgJ-1wNaAm0Rk0phyrIv8vS73SNNkPSmlxRkK9ySAQGnn_tCP9JcVKyqee6lxjlYEp0cs2C_R9cDtgCEXwsjWtx1XnafF5r_fAuDDAvg0CRMOgJk8ZMwSjRsw1Js90uR-97t-rh5yU12Oj\u002Fs1600\u002Fpraison.jpg","2026-05-14T11:40:14+00:00",{"id":181,"title":182,"slug":183,"brief":184,"ai_summary":185,"url":186,"image_url":187,"published_at":188},"49be262e-42e8-4a01-86c9-b1df7e1fd541","TeamPCP and BreachForums Launch $1,000 Contest for Supply Chain Attacks","teampcp-and-breachforums-launch-1-000-contest-for-supply-chain-attacks-0f2fdb","TeamPCP and BreachForums launch $1,000 contest rewarding supply chain attacks on open source packages.","TeamPCP, in collaboration with BreachForums, announced a competition offering $1,000 USD in Monero to attackers who successfully compromise open source packages using their Shai-Hulud attack tool. Winners are determined by download counts of compromised packages, incentivizing both high-impact single targets and broad ecosystem compromise. The contest functions as a recruitment mechanism for lower-tier threat actors, with the prize amount negligible compared to the value of credentials stolen from CI\u002FCD pipelines and enterprise environments.","https:\u002F\u002Fsocket.dev\u002Fblog\u002Fteampcp-supply-chain-attack-contest?utm_medium=feed","https:\u002F\u002Fcdn.sanity.io\u002Fimages\u002Fcgdhsj6q\u002Fproduction\u002Fd62d781ca0fc098a88c5bc51fdd08215d3bcb83f-1254x1254.png?w=1000&q=95&fit=max&auto=format","2026-05-14T02:49:33.417+00:00",{"id":190,"title":191,"slug":192,"brief":193,"ai_summary":194,"url":195,"image_url":196,"published_at":197},"22ce4da3-55e7-45bb-8200-6af143a5a116","Security advisories | Mistral Docs","security-advisories-mistral-docs-ee7f61","TanStack supply chain attack compromises Mistral AI SDK packages on npm and PyPI","Mistral AI's SDKs were impacted by a supply chain attack via compromised TanStack dependency, resulting in malicious npm and PyPI package versions being published. The npm packages were inoffensive (broken references), but the PyPI package (v2.4.6) contained malicious code that harvests credentials on Linux systems. Mistral's infrastructure was not compromised; affected versions have been removed and forensics confirm an affected developer device was involved.","https:\u002F\u002Fdocs.mistral.ai\u002Fresources\u002Fsecurity-advisories","https:\u002F\u002Fdocs.mistral.ai\u002Fapi\u002Fog?eyebraw=%28developers%29+%3E+resources+%3E+security-advisories&title=Security+advisories&type=generic&description=Security+advisories+and+remediation+guidance+for+incidents+affecting+Mistral+packages.","2026-05-13T22:00:59+00:00",{"id":199,"title":200,"slug":201,"brief":202,"ai_summary":203,"url":204,"image_url":205,"published_at":197},"587adb59-1a67-48a5-9de8-a47f5343e1c9","‼️🇫🇷 Mistral AI has confirmed they were impacted by the recent TanStack supply chain attack.\n\nh...","mistral-ai-has-confirmed-they-were-impacted-by-the-recent-tanstack-supply-chain--1ca7b6","Mistral AI confirms impact from TanStack supply chain attack.","Mistral AI has disclosed that it was affected by the recent TanStack supply chain attack, which compromised a popular open-source dependency. The attack leveraged a compromised package to distribute malicious code to downstream users. Mistral AI's confirmation adds to the growing list of organizations impacted by this supply chain incident.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2054683350468596166","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHIOzdFUWMAAqfaX.png",{"id":207,"title":208,"slug":209,"brief":210,"ai_summary":211,"url":212,"image_url":213,"published_at":214},"296ff0d7-dcaf-4b95-9797-2f1c205e5bdb","Attackers Weaponize RubyGems for Data Dead Drops","attackers-weaponize-rubygems-for-data-dead-drops-a2878c","Threat actors publish malicious RubyGems packages with scrapers targeting UK government servers.","Attackers have published RubyGems packages containing scraper code that targets public-facing UK government servers. The packages appear designed for data exfiltration or reconnaissance, though the threat actors' ultimate objective remains unclear. This represents a supply chain attack leveraging the Ruby package ecosystem.","https:\u002F\u002Fwww.darkreading.com\u002Fapplication-security\u002Fattackers-weaponize-rubygems-data-dead-drops","https:\u002F\u002Feu-images.contentstack.com\u002Fv3\u002Fassets\u002Fblt6d90778a997de1cd\u002Fblt5c3a7f42da5b1b95\u002F6a04cc6a3840020cbc815a66\u002Fruby_Zerilli_Media_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale","2026-05-13T21:09:20+00:00",{"id":216,"title":217,"slug":218,"brief":219,"ai_summary":220,"url":221,"image_url":222,"published_at":223},"0cd6dfea-48a1-4923-9d8e-98e8ede4162d","New critical Exim mailer flaw allows remote code execution","new-critical-exim-mailer-flaw-allows-remote-code-execution-74ce92","Critical Exim mail server flaw CVE-2026-45185 allows unauthenticated remote code execution via TLS handling.","A critical user-after-free vulnerability (CVE-2026-45185) in Exim versions 4.97–4.99.2 compiled with GnuTLS allows unauthenticated remote attackers to execute arbitrary code by exploiting improper TLS buffer handling during BDAT chunked SMTP traffic. The flaw affects widely deployed mail servers on Linux and Unix systems, particularly in Debian and Ubuntu distributions. Exim 4.99.3 contains the fix.","https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fnew-critical-exim-mailer-flaw-allows-remote-code-execution\u002F","https:\u002F\u002Fwww.bleepstatic.com\u002Fcontent\u002Fhl-images\u002F2026\u002F05\u002F13\u002Fexim.jpg","2026-05-13T20:23:50+00:00",{"id":225,"title":226,"slug":227,"brief":228,"ai_summary":229,"url":230,"image_url":231,"published_at":232},"a62e43bc-e9fa-4817-be52-e94631f4d3be","TeamPCP Used Mini Shai-Hulud Worm to Poison Over 400 npm and PyPI Packages","teampcp-used-mini-shai-hulud-worm-to-poison-over-400-npm-and-pypi-packages-a831b1","TeamPCP poisoned 400+ npm and PyPI packages with Mini Shai-Hulud self-propagating worm via hijacked OIDC tokens.","TeamPCP executed a massive coordinated supply chain attack on May 11–12, 2026, compromising over 400 packages across npm and PyPI by hijacking OpenID Connect tokens to gain unauthorized CI\u002FCD access. The self-propagating Mini Shai-Hulud worm targeted high-profile projects including TanStack, Mistral AI, UiPath, OpenSearch, and Guardrails AI, stealing AWS credentials, GitHub tokens, and HashiCorp Vault secrets while using the Oxen network to avoid detection. The attack marks an escalation in supply chain tactics, with the group now directly targeting trusted CI\u002FCD pipelines and using valid SLSA provenance attestations to bypass security filters.","https:\u002F\u002Fhackread.com\u002Fteampcp-mini-shai-hulud-worm-npm-pypi-packages\u002F","https:\u002F\u002Fhackread.com\u002Fwp-content\u002Fuploads\u002F2026\u002F05\u002Fteampcp-mini-shai-hulud-worm-npm-pypi-packages.jpg","2026-05-13T15:18:47+00:00",{"id":234,"title":235,"slug":236,"brief":237,"ai_summary":238,"url":239,"image_url":240,"published_at":241},"596c87f2-f1e1-4038-aa8b-6fece2b2130e","Packagist Urges Immediate Composer Update After GitHub Actions Token Leak","packagist-urges-immediate-composer-update-after-github-actions-token-leak-e1f413","Composer vulnerability exposed GitHub Actions tokens in CI logs due to token format validation regex mismatch.","Packagist urgently warned PHP projects to update Composer after a GitHub token format change caused authentication tokens to be exposed in GitHub Actions CI logs. Composer versions 2.9.8, 2.2.28 LTS, and 1.10.28 fix a vulnerability where the tool would print full GITHUB_TOKEN or GitHub App installation token values to stderr when validation failed against an outdated regex pattern. Although GitHub has since rolled back the token format change, the fix is critical for projects that may have already exposed credentials during the brief exposure window.","https:\u002F\u002Fsocket.dev\u002Fblog\u002Fpackagist-urges-immediate-composer-update?utm_medium=feed","https:\u002F\u002Fcdn.sanity.io\u002Fimages\u002Fcgdhsj6q\u002Fproduction\u002F53eba9063cf50df4d6f251fc17f0eb10144405c4-2048x2048.jpg?w=1000&q=95&fit=max&auto=format","2026-05-13T14:08:18.701+00:00",{"id":243,"title":244,"slug":245,"brief":246,"ai_summary":247,"url":248,"image_url":249,"published_at":250},"a7e32670-c1ee-4bb3-ac4f-fdfc23c798e4","GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data","gemstuffer-abuses-150-rubygems-to-exfiltrate-scraped-u-k-council-portal-data-39e964","GemStuffer campaign abuses 150+ RubyGems packages to exfiltrate U.K. council portal data.","Researchers identified GemStuffer, a campaign targeting RubyGems with over 150 malicious packages designed not for widespread developer compromise but as a data exfiltration channel. The packages fetch and scrape publicly accessible U.K. local government council portal content (meeting calendars, agendas, PDFs, contact info) and repackage it as legitimate gem archives published back to RubyGems using hardcoded credentials. The novel abuse pattern suggests the attacker may be demonstrating capability against government infrastructure or testing package registry abuse techniques.","https:\u002F\u002Fthehackernews.com\u002F2026\u002F05\u002Fgemstuffer-abuses-150-rubygems-to.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEjZpbB_p88zZf6q_DhwCbgnYn2okFYqa7pwIPmknojvkOC3heteNMp3C6bzD_6WKChB4yVK0wLyoJ_-DebN0c229j-twjPyMAC-qkfGs1tjlaEoNg30fpEDh9DIByfz_h4nKhalTC_Su-FP0AYxywL_x85ILq1t-QFPtuMa_-KbLKlfsX15kvGpPCs1OZpw\u002Fs1600\u002Frubygemss.jpg","2026-05-13T08:08:54+00:00",{"id":252,"title":253,"slug":254,"brief":255,"ai_summary":256,"url":257,"image_url":258,"published_at":259},"b54066d6-2b1d-4976-9565-81ed9c1eb2c1","Hundreds of Malicious Packages Force RubyGems to Suspend Registrations","hundreds-of-malicious-packages-force-rubygems-to-suspend-registrations-d09262","RubyGems suspends new registrations after 500+ malicious packages uploaded in attack.","RubyGems.org disabled new account registrations on May 12 after threat actors published over 500 malicious packages via bot accounts, including those carrying exploits. The attack targeted RubyGems infrastructure itself with XSS and data exfiltration attempts rather than end users; all malicious packages were removed and existing packages remain uncompromised. Registrations are expected to remain suspended for 2-3 days while rate limiting and WAF protections are strengthened.","https:\u002F\u002Fwww.securityweek.com\u002Fhundreds-of-malicious-packages-force-rubygems-to-suspend-registrations\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2026\u002F04\u002Fcoding-vulnerability-software-development.jpeg","2026-05-13T07:30:36+00:00",{"id":261,"title":262,"slug":263,"brief":264,"ai_summary":265,"url":266,"image_url":267,"published_at":268},"206ff4ac-2e8e-479b-8cf2-df5d14ddc322","‘Mini Shai-Hulud’ malware compromises hundreds of open-source packages in sprawling supply-chain attack","mini-shai-hulud-malware-compromises-hundreds-of-open-source-packages-in-sprawlin-5528f9","Mini Shai-Hulud malware compromises hundreds of open-source packages across major registries in supply-chain attack.","A malware campaign dubbed 'Mini Shai-Hulud' has infected hundreds of software packages across major open-source registries including TanStack, UiPath, and MistralAI, embedding credential-stealing code into widely-downloaded development tools. The attack bypassed two-factor authentication and used valid cryptographic signatures by manipulating CI\u002FCD pipelines, allowing malicious updates to reach millions of developers. Security researchers attribute the campaign to TeamPCP, a cloud-focused cybercriminal group that steals AWS, Google Cloud, and GitHub credentials while threatening destructive attacks if victims attempt to remove access.","https:\u002F\u002Fcyberscoop.com\u002Fmini-shai-hulud-supply-chain-malware-attack\u002F","https:\u002F\u002Fcyberscoop.com\u002Fwp-content\u002Fuploads\u002Fsites\u002F3\u002F2025\u002F02\u002FGettyImages-1148960878.jpg","2026-05-12T21:38:44+00:00",{"id":270,"title":271,"slug":272,"brief":273,"ai_summary":274,"url":275,"image_url":276,"published_at":277},"553fa590-5322-486e-a6e9-b6036cff3950","New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution","new-exim-bdat-vulnerability-exposes-gnutls-builds-to-potential-code-execution-c50c2a","Exim BDAT use-after-free vulnerability (CVE-2026-45185) enables RCE in GnuTLS builds.","Exim released security updates to address CVE-2026-45185 (Dead.Letter), a critical use-after-free vulnerability in BDAT message body parsing when GnuTLS is used. The flaw is triggered when a TLS close_notify alert arrives during incomplete body transfer, causing heap corruption that can lead to code execution. The vulnerability affects Exim versions 4.97–4.99.2 and has been patched in 4.99.3; no mitigations exist.","https:\u002F\u002Fthehackernews.com\u002F2026\u002F05\u002Fnew-exim-bdat-vulnerability-exposes.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEgrSn3emm_NbwXDi3elR0wo5ErHhg-gPT4-u4zk7MHZg4u0ruMmj2_KGgPF8fz06Riv6Gu5NXMN3eBP8H5bVf6dmvOz-lvb-qrvhLlssLUzl97ZVmIWoIOmMPOGrupv864dt0d4V_dxgaaxYYNuy2z9rbZMWIOcjlwZaiifq4-ktRqlEBCJ6a_m3MFiwq65\u002Fs1600\u002Fexim.jpg","2026-05-12T16:44:00+00:00",{"id":279,"title":280,"slug":281,"brief":282,"ai_summary":283,"url":284,"image_url":25,"published_at":285},"20f7ba90-b5f4-4940-9b41-0aff68c0a3cc","Good news everyone\n\nShai-Hulud, that spoopy Git worm thingy everyones been yapping about, has bee...","good-news-everyone-shai-hulud-that-spoopy-git-worm-thingy-everyones-been-yapping-772333","Shai-Hulud Git worm malware code publicly released on GitHub.","The Shai-Hulud Git worm, previously discussed in security circles, has been open-sourced and made publicly available. TeamPCP or another actor has released the fully weaponized malware code, lowering the barrier to entry for potential attackers to deploy the worm in their own campaigns.","https:\u002F\u002Fx.com\u002Fvxunderground\u002Fstatus\u002F2054238093734015419","2026-05-12T16:31:42+00:00",{"id":287,"title":288,"slug":289,"brief":290,"ai_summary":291,"url":292,"image_url":293,"published_at":294},"da322937-c55b-4fc1-ad6b-e735a0fa1b8e","RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded","rubygems-suspends-new-signups-after-hundreds-of-malicious-packages-are-uploaded-bf9d58","RubyGems suspends signups after 500+ malicious packages uploaded in coordinated attack.","RubyGems temporarily disabled new account registrations following a coordinated spam-publishing campaign that resulted in over 500 malicious packages being uploaded to the registry. The attack, which targeted newly registered bot accounts, has since been contained with malicious packages removed and bot accounts blocked. Account signups were re-enabled on May 16, 2026, after RubyGems implemented additional security measures including WAF protection and tighter rate limiting.","https:\u002F\u002Fthehackernews.com\u002F2026\u002F05\u002Frubygems-suspends-new-signups-after.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEggIbYm86Vn45Nd86Hd5IEqHufRIS5Ud3spGUy5JWHy-My-NBVocyj-aR7E3gBKibPnrWd5DRYnDfmbaHUMuaYcNn_paUIDN11VLySLNUsXwFwVIALsNo419985zWvtepK7NVp9J4W3d7uHGWkQFgqI6zY_9Y5LWe5hsTLk-c9ZMKQ4TDlUMcMh8-_vhdIH\u002Fs1600\u002Frubygems.jpg","2026-05-12T14:47:00+00:00",{"id":296,"title":297,"slug":298,"brief":299,"ai_summary":300,"url":301,"image_url":302,"published_at":303},"36bb324f-c91c-45aa-8fa3-854e4ff4d399","Hugging Face Packages Weaponized With a Single File Tweak","hugging-face-packages-weaponized-with-a-single-file-tweak-9298b3","Hugging Face tokenizer files can be manipulated to hijack AI model outputs and exfiltrate data.","Researchers discovered that tokenizer files in Hugging Face AI models represent a critical supply-chain vulnerability. A single file modification allows attackers to hijack model outputs and exfiltrate sensitive data without modifying the core model weights. This attack vector affects the broader AI\u002FML ecosystem where pre-trained models are widely downloaded and integrated into applications.","https:\u002F\u002Fwww.darkreading.com\u002Fcloud-security\u002Fhugging-face-packages-weaponized-single-file-tweak","https:\u002F\u002Feu-images.contentstack.com\u002Fv3\u002Fassets\u002Fblt6d90778a997de1cd\u002Fblte4a392e468c2fede\u002F6a02399dd02601ddfa8e5443\u002FHugging_Face_Sidney_Van_den_Boogaard_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale","2026-05-12T14:00:00+00:00",{"id":305,"title":306,"slug":307,"brief":308,"ai_summary":309,"url":310,"image_url":311,"published_at":312},"847f5905-ae83-4492-bc8c-2681e072ca86","Shai Hulud attack ships signed malicious TanStack, Mistral npm packages","shai-hulud-attack-ships-signed-malicious-tanstack-mistral-npm-packages-a6001f","Shai-Hulud campaign compromises 160+ npm packages with credential-stealing malware via OIDC token hijacking.","The TeamPCP-attributed Shai-Hulud threat group hijacked OpenID Connect (OIDC) tokens to publish malicious versions of popular npm and PyPI packages—including TanStack, Mistral AI, Guardrails AI, Bitwarden CLI, and SAP packages—with valid SLSA provenance attestations. The malware targets developer secrets (GitHub tokens, AWS credentials, Kubernetes tokens, SSH keys, and more) and persists via IDE hooks even after package uninstallation. Over 160 compromised packages were identified across npm, PyPI, and Composer, with the attackers exploiting a risky pull_request_target workflow, GitHub Actions cache poisoning, and memory-based OIDC token theft.","https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fshai-hulud-attack-ships-signed-malicious-tanstack-mistral-npm-packages\u002F","https:\u002F\u002Fwww.bleepstatic.com\u002Fcontent\u002Fhl-images\u002F2026\u002F05\u002F05\u002FHackerbox.jpg","2026-05-12T11:29:36+00:00",{"id":314,"title":315,"slug":316,"brief":317,"ai_summary":318,"url":319,"image_url":320,"published_at":321},"191d31c6-4454-41b8-bd0f-ba153839188d","Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply Chain","worm-redux-fresh-mini-shai-hulud-infections-bite-supply-chain-c1107c","Hundreds of npm packages infected by self-propagating worm targeting TanStack ecosystem.","A self-propagating worm attributed to TeamPCP has infected hundreds of npm packages related to the TanStack open source ecosystem. The worm, known as Mini Shai-Hulud, steals credentials and propagates itself across the supply chain. This represents a significant threat to developers and organizations depending on TanStack libraries.","https:\u002F\u002Fwww.darkreading.com\u002Fapplication-security\u002Fworm-redux-fresh-mini-shai-hulud-infections-bite-supply-chain","https:\u002F\u002Feu-images.contentstack.com\u002Fv3\u002Fassets\u002Fblt6d90778a997de1cd\u002Fblt98af205e9fd3397b\u002F6a030d8e8affd2e99d18dd19\u002Fsandworms_FlixPix_Alamy.png?width=1280&auto=webp&quality=80&disable=upscale","2026-05-12T11:07:43+00:00",{"id":323,"title":324,"slug":325,"brief":326,"ai_summary":327,"url":328,"image_url":329,"published_at":330},"0bf4548f-7c44-46d6-b2f8-9642ffd5cb74","TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack","tanstack-mistral-ai-uipath-hit-in-fresh-supply-chain-attack-a9c42e","TeamPCP compromises 170+ npm\u002FPyPI packages in Mini Shai-Hulud supply chain attack.","Over 170 packages across npm and PyPI repositories were compromised in a coordinated supply chain attack attributed to TeamPCP, affecting major projects including TanStack (42 packages), UiPath (65 packages), Mistral AI, OpenSearch, and others. The attackers chained multiple GitHub Actions vulnerabilities to inject credential-stealing malware that harvests developer secrets, API keys, cloud credentials, and cryptocurrency wallets, then propagates via stolen tokens. The campaign is notable for abusing SLSA provenance attestation to make malicious packages appear legitimate and using decentralized exfiltration channels resistant to takedown.","https:\u002F\u002Fwww.securityweek.com\u002Ftanstack-mistral-ai-uipath-hit-in-fresh-supply-chain-attack\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2025\u002F09\u002FAI_Jailbreak-LLM.jpeg","2026-05-12T10:10:33+00:00",{"id":332,"title":333,"slug":334,"brief":335,"ai_summary":336,"url":337,"image_url":338,"published_at":339},"34b6a0cf-ad48-4147-b0ab-3608e1637648","Following the initial report from @wiz_io on compromised MistralAI packages, our artifact‑scannin...","following-the-initial-report-from-wiz-io-on-compromised-mistralai-packages-our-a-0eb22e","Shai Hulud malware discovered in additional compromised MistralAI NPM packages for GCP and Azure.","Following Wiz's initial disclosure of compromised MistralAI packages, security researchers identified additional NPM artifacts infected with the Shai Hulud malware. The affected packages include mistralai\u002Fmistralai-gcp v1.7.3 and mistralai\u002Fmistralai-azure v1.7.3, which provide direct cloud integration functionality. This represents a broader supply chain attack affecting popular AI\u002FML libraries used by cloud developers.","https:\u002F\u002Fx.com\u002Fnextronresearch\u002Fstatus\u002F2054128548776903139","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHIG64RqW4AARlhd.png","2026-05-12T09:16:24+00:00",{"id":341,"title":342,"slug":343,"brief":344,"ai_summary":345,"url":346,"image_url":347,"published_at":348},"d2bf7a54-19e9-4578-bd37-9e394a3b7552","Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages","mini-shai-hulud-worm-compromises-tanstack-mistral-ai-guardrails-ai-more-packages-f9795c","TeamPCP compromises npm\u002FPyPI packages from TanStack, Mistral AI, Guardrails AI via Mini Shai-Hulud worm campaign.","TeamPCP threat actor has launched a fresh Mini Shai-Hulud campaign targeting npm and PyPI packages from TanStack, Mistral AI, Guardrails AI, UiPath, and OpenSearch. The compromised packages inject obfuscated JavaScript designed to steal credentials from cloud providers, crypto wallets, CI\u002FCD systems, and IDEs, exfiltrating data to attacker-controlled infrastructure. The TanStack compromise exploited GitHub Actions OIDC token theft and cache poisoning to inject malicious code into 42 packages with valid SLSA Build Level 3 provenance—a first for npm worms.","https:\u002F\u002Fthehackernews.com\u002F2026\u002F05\u002Fmini-shai-hulud-worm-compromises.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEhXIhs2kZt0YGdDcd-Io67mq1GIN_iI_71LYhuin4qqmlgUgCuZ3fGUvglg_5nh5DK8kfPP8RHki86yMyqh4rTE27PGgPBh4RQjkh91-QGoB8cav5NUsYAwcV3ZJ7aEf-uEoH3pLGQ2eWuCh8lZSWAlTIa2U5I6eeB3HZmYMn4q-YoV7Ytmkpr1tN0lC2rG\u002Fs1600\u002Fmistral.jpg","2026-05-12T08:50:00+00:00",{"id":350,"title":351,"slug":352,"brief":353,"ai_summary":354,"url":355,"image_url":356,"published_at":357},"e1238397-364d-46e5-94eb-8c5c900c22bc","We analyzed Heartflabrace\u002FDoubao-Claw\n\nA malicious \"AI skill\" posing as a Volcengine\u002FByteDance Do...","we-analyzed-heartflabrace-doubao-claw-a-malicious-ai-skill-posing-as-a-volcengin-e73670","Zscaler discovers malicious AI skill posing as ByteDance Doubao CLI in OpenClaw ecosystem.","Zscaler identified a malicious \"AI skill\" disguised as a legitimate Volcengine\u002FByteDance Doubao command-line interface tool, part of the broader OpenClaw malware ecosystem previously exposed. The malware uses sophisticated social engineering, including 7,000 words of convincing documentation, FAQs, and architecture diagrams to deceive victims. This represents an evolution in supply-chain and open-source ecosystem attacks targeting developers.","https:\u002F\u002Fx.com\u002Fnextronresearch\u002Fstatus\u002F2053767476651995310","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHIByedFWUAArsQj.jpg","2026-05-11T09:21:38+00:00",{"id":359,"title":360,"slug":361,"brief":362,"ai_summary":363,"url":364,"image_url":365,"published_at":366},"e1acf365-17d1-4a1d-aeda-4ad6409430ff","Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads","fake-openai-privacy-filter-repo-hits-1-on-hugging-face-draws-244k-downloads-7f9a30","Fake OpenAI Privacy Filter repo on Hugging Face delivers Rust infostealer, hits #1 trending with 244K downloads.","A malicious Hugging Face repository impersonated OpenAI's legitimate Privacy Filter model, reaching #1 on the platform's trending list with 244,000 downloads in 18 hours. The typosquatted project included a loader script that deployed a Rust-based information stealer targeting Windows users, harvesting Discord credentials, cryptocurrency wallets, browser data, and system metadata. HiddenLayer researchers identified six additional malicious repositories using similar Python loaders to distribute the same infostealer.","https:\u002F\u002Fthehackernews.com\u002F2026\u002F05\u002Ffake-openai-privacy-filter-repo-hits-1.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEiPtLFShq_XoM9Nzsl5kmSsF2UGsm6VhRoLNodcqRCdq45zqy4ekFVtamokNzEFifQknD502Wc0uFTBUdvLsBsYn4QAeVHSWLmhF2ROBMXutev8T6JjCGrrarzLhkSTUHLBq-nEWrF0WTb2epkX_3Ba5a6Gv_21R7PPQ_zCjhk7OU702Y10tJkcJiYG52D4\u002Fs1600\u002Fhugging-face-malware.jpg","2026-05-11T07:05:00+00:00",{"id":368,"title":369,"slug":370,"brief":371,"ai_summary":372,"url":373,"image_url":374,"published_at":375},"30461521-3153-470b-84f3-dd1ce5ef2586","‼️🇧🇩 BADC allegedly breached exposing full private git repo from Bangladesh Agricultural Develo...","badc-allegedly-breached-exposing-full-private-git-repo-from-bangladesh-agricultu-2b94b2","BADC private git repository allegedly breached and leaked by threat actor.","A threat actor claims to have compromised and leaked the complete private git repository of Bangladesh Agricultural Development Corporation (BADC), a government autonomous body. The breach exposes source code and potentially sensitive development artifacts from the organization. This represents a significant supply chain and data exposure risk for the agricultural sector in Bangladesh.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2053558694328013027","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHH-0mcTXQAAJmH_.jpg","2026-05-10T19:32:00+00:00",{"id":377,"title":378,"slug":379,"brief":380,"ai_summary":381,"url":382,"image_url":383,"published_at":384},"d274d683-cd7d-40cb-b33d-18135559cc9a","Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak","ollama-out-of-bounds-read-vulnerability-allows-remote-process-memory-leak-c84897","Critical out-of-bounds read in Ollama allows remote memory leak affecting 300K+ servers.","A critical out-of-bounds read vulnerability (CVE-2026-7482, CVSS 9.1) in Ollama's GGUF model loader allows unauthenticated remote attackers to leak entire process memory by uploading a specially crafted model file. The flaw, codenamed \"Bleeding Llama,\" affects versions before 0.17.1 and impacts an estimated 300,000+ servers globally, potentially exposing API keys, environment variables, system prompts, and user conversation data. Additionally, two unpatched Windows update mechanism vulnerabilities in Ollama can be chained for persistent code execution.","https:\u002F\u002Fthehackernews.com\u002F2026\u002F05\u002Follama-out-of-bounds-read-vulnerability.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEj92eUjjTTMJPizvUJGwq7Ych7nrXHwGRNt3hS9yjNGRJk5d3pdIKjeZhQDVuFp0DnKjP4qoieGWFjswm7nHDLBaxWC3DxFIfLfRjMSEXd0Ta04vcTrbCpS9PEXebUUbMBxBt0VOb-PKVk-7Cq0FjuMXl4VtKneb5a3ujCo872goPN22GBFFhReJtWsQJLK\u002Fs1600\u002Foll.jpg","2026-05-10T12:41:00+00:00",{"id":386,"title":387,"slug":388,"brief":389,"ai_summary":390,"url":391,"image_url":392,"published_at":393},"b5ffdde0-b925-48ab-8d21-4b974323906a","Fake OpenAI repository on Hugging Face pushes infostealer malware","fake-openai-repository-on-hugging-face-pushes-infostealer-malware-084216","Malicious Hugging Face repository impersonating OpenAI's Privacy Filter delivers infostealer malware.","A typosquatted repository on Hugging Face impersonating OpenAI's \"Privacy Filter\" project briefly reached the platform's trending list and accumulated 244,000 downloads before removal. The malicious repository contained a loader.py script that fetched and executed a Rust-based infostealer targeting browser data, cryptocurrency wallets, SSH credentials, Discord tokens, and system information. The stolen data was exfiltrated to a C2 server at recargapopular[.]com, with researchers noting anti-analysis features and potential overlaps with npm typosquatting campaigns distributing WinOS 4.0.","https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Ffake-openai-repository-on-hugging-face-pushes-infostealer-malware\u002F","https:\u002F\u002Fwww.bleepstatic.com\u002Fcontent\u002Fhl-images\u002F2026\u002F03\u002F24\u002Fhacker_box.jpg","2026-05-09T14:26:03+00:00",{"id":395,"title":396,"slug":397,"brief":398,"ai_summary":399,"url":400,"image_url":401,"published_at":402},"a0fb1850-6582-4ceb-80ea-ec9c3b1aa4da","Gemini CLI Vulnerability Could Have Led to Code Execution, Supply Chain Attack","gemini-cli-vulnerability-could-have-led-to-code-execution-supply-chain-attack-63c86a","Gemini CLI vulnerability allowed prompt injection to enable supply chain attacks via GitHub issues.","A critical CVSS 10\u002F10 vulnerability in Google's Gemini CLI could have allowed attackers to inject malicious prompts into GitHub issues and take over the AI agent designed to auto-triage them. In –yolo mode, the tool ignored allowlists, letting attackers execute arbitrary commands, extract secrets, and pivot to full repository write access for supply chain compromise. Google patched the flaw in version 0.39.1 on April 24, and identified at least eight other vulnerable repositories using the same workflow template.","https:\u002F\u002Fwww.securityweek.com\u002Fgemini-cli-vulnerability-could-have-led-to-code-execution-supply-chain-attack\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2026\u002F04\u002FGemini.jpeg","2026-05-07T10:39:34+00:00",{"id":404,"title":405,"slug":406,"brief":407,"ai_summary":408,"url":409,"image_url":410,"published_at":411},"b17bd0b3-1c17-4a90-aaf4-62c013af4b8e","‼️🏴‍☠️ Nimrod Stealer source code allegedly shared on a hacking forum for credential and browser...","nimrod-stealer-source-code-allegedly-shared-on-a-hacking-forum-for-credential-an-652ed4","Nimrod Stealer source code leaked on hacking forum for credential theft.","The source code for Nimrod Stealer, an information-stealing malware tool, has been allegedly shared on a hacking forum. The stealer is designed to harvest saved browser credentials, cookies, and other sensitive data. This source code leak increases the risk of widespread adoption and derivative variants.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2052113077278306781","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHHqRzkIW8AIeptM.jpg","2026-05-06T19:47:38+00:00",{"id":413,"title":414,"slug":415,"brief":416,"ai_summary":417,"url":418,"image_url":419,"published_at":420},"78913230-6af7-4877-a0b2-f9c51d7bac8c","Critical vm2 sandbox bug lets attackers execute code on hosts","critical-vm2-sandbox-bug-lets-attackers-execute-code-on-hosts-d07794","Critical vm2 sandbox escape vulnerability (CVE-2026-26956) allows arbitrary code execution on host systems.","A critical vulnerability in the popular Node.js vm2 sandboxing library (CVE-2026-26956) enables attackers to escape the sandbox and execute arbitrary code on the host system by leveraging WebAssembly exception handling to bypass JavaScript-level security protections. The flaw affects vm2 version 3.10.4 and potentially earlier versions, and impacts environments running Node.js 25 with WebAssembly exception handling and JSTag support enabled. Proof-of-concept exploit code has been published, and users are urged to upgrade to version 3.10.5 or later (latest 3.11.2) immediately.","https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fcritical-vm2-sandbox-bug-lets-attackers-execute-code-on-hosts\u002F","https:\u002F\u002Fwww.bleepstatic.com\u002Fcontent\u002Fhl-images\u002F2026\u002F05\u002F06\u002F0_sandbox.jpg","2026-05-06T18:38:38+00:00",{"id":422,"title":423,"slug":424,"brief":425,"ai_summary":426,"url":427,"image_url":428,"published_at":429},"a6a18297-a164-454c-9689-6ff4d88375ea","OceanLotus suspected of using PyPI to deliver ZiChatBot malware","oceanlotus-suspected-of-using-pypi-to-deliver-zichatbot-malware-e65fb4","OceanLotus deploys ZiChatBot malware via malicious PyPI packages targeting Windows and Linux.","Kaspersky researchers discovered malicious Python wheel packages on PyPI uploaded starting July 2025, attributed to OceanLotus APT. The packages (uuid32-utils, colorinal, termncolor) acted as droppers delivering ZiChatBot, a previously unknown malware that uses Zulip chat app REST APIs as C2 infrastructure instead of traditional command servers. The attack exemplifies a carefully planned supply chain compromise, with one benign-looking package concealing malicious dependencies.","https:\u002F\u002Fsecurelist.com\u002Foceanlotus-suspected-pypi-zichatbot-campaign\u002F119603\u002F","https:\u002F\u002Fmedia.kasperskycontenthub.com\u002Fwp-content\u002Fuploads\u002Fsites\u002F43\u002F2026\u002F04\u002F04194912\u002FSL-OceanLotus-featured.jpg","2026-05-06T13:00:34+00:00",{"id":431,"title":432,"slug":433,"brief":434,"ai_summary":435,"url":436,"image_url":437,"published_at":438},"cccbe2b4-5c65-45a8-a275-3094241ff0e4","Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft","critical-bug-could-expose-300-000-ollama-deployments-to-information-theft-c3fd45","Critical heap out-of-bounds read in Ollama exposes 300K deployments to unauthenticated information theft.","A critical vulnerability dubbed Bleeding Llama (CVE-2026-7482, CVSS 9.3) in Ollama's GGUF model loader allows unauthenticated remote attackers to read sensitive heap memory including API keys, tokens, and prompts. The flaw affects approximately 300,000 internet-exposed Ollama instances that lack authentication and firewall protection. Ollama patched the issue in version 0.17.1, and organizations are advised to update immediately and restrict network access.","https:\u002F\u002Fwww.securityweek.com\u002Fcritical-bug-could-expose-300000-ollama-deployments-to-information-theft\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2024\u002F05\u002Fllama-drama-.jpg","2026-05-05T12:39:36+00:00",{"id":440,"title":441,"slug":442,"brief":443,"ai_summary":444,"url":445,"image_url":446,"published_at":447},"8750b5a4-75b5-411b-bf53-5ba6de489892","MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks","metinfo-cms-cve-2026-29014-exploited-for-remote-code-execution-attacks-a87226","MetInfo CMS CVE-2026-29014 actively exploited for unauthenticated remote code execution","A critical PHP code injection vulnerability (CVE-2026-29014, CVSS 9.8) in MetInfo CMS versions 7.9, 8.0, and 8.1 is being actively exploited by threat actors to achieve remote code execution. The flaw exists in the WeChat API request handler and allows unauthenticated attackers to inject and execute arbitrary PHP code. Exploitation began in late April 2026, with surge in activity targeting China and Hong Kong on May 1, affecting approximately 2,000 publicly accessible instances.","https:\u002F\u002Fthehackernews.com\u002F2026\u002F05\u002Fmetinfo-cms-cve-2026-29014-exploited.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEg6SZcQRIb_0i7jqHu2mcl7Ep1hX2C3rwLWwJmBwPHTPE2PvaP9KOHcMkvGAWxLeBFWxmfpW6IXwJqIsxHJvs2nIDc2ASwRwuXNlWFZRtatpMoksz5BRKmCVNSs4BxsrFX0_CGqlHZv_6VNWx6u1wD8dydja_fvpnRLezr_CBLyX-Lj6a2i4wRKxZnGFRen\u002Fs1600\u002Fphph.jpg","2026-05-05T11:56:00+00:00",{"id":449,"title":450,"slug":451,"brief":452,"ai_summary":453,"url":454,"image_url":455,"published_at":456},"56064592-a642-45a0-bfd3-47aaf3d8c54f","Backdoored PyTorch Lightning package drops credential stealer","backdoored-pytorch-lightning-package-drops-credential-stealer-09d8ee","Malicious PyTorch Lightning v2.6.3 on PyPI deploys credential-stealing JavaScript payload.","A backdoored version of PyTorch Lightning (v2.6.3) was published on PyPI with a hidden execution chain that automatically downloads and executes a heavily obfuscated JavaScript payload called 'ShaiWorm' upon import. The malware steals credentials from browsers, environment files, cloud services (AWS, Azure, GCP), and supports arbitrary command execution. PyTorch Lightning has been reverted to v2.6.1, and the maintainers are investigating the compromise.","https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fbackdoored-pytorch-lightning-package-drops-credential-stealer\u002F","https:\u002F\u002Fwww.bleepstatic.com\u002Fcontent\u002Fhl-images\u002F2026\u002F04\u002F27\u002FPyPI.jpg","2026-05-04T17:15:27+00:00",[],[],[],[],50]