Human Factor Blog

how human behavior affects security

Programmer’s Digest #191

06/24/2026-07/01/2026 Linux Kernel Flaw, Langflow RCE Exploited, Hijacked npm and Go Packages And More.

1. DirtyClone: Fourth Linux Kernel Flaw in Six Weeks Escalates to Root

JFrog Security Research published a working exploit for CVE-2026-43503 (CVSS 8.8), a Linux kernel privilege escalation dubbed DirtyClone—the fourth in the DirtyFrag family. All four share the same flaw: file-backed memory gets treated as writable network packet data instead of being copied. An attacker loads a privileged binary like /usr/bin/su into memory, forces the kernel to clone it through a loopback IPsec tunnel, and overwrites its authentication logic—granting root with no disk changes or audit trail. The exploit needs CAP_NET_ADMIN, reachable on Debian and Fedora via default-enabled unprivileged namespaces; Ubuntu 24.04+ blocks this path via AppArmor.

Each prior DirtyFrag patch closed one code path while leaving others exposed, since the shared-frag flag wasn’t enforced everywhere. A broader fix merged May 21, with Linux v7.1-rc5 as the first patched release; Ubuntu, Debian, and SUSE have advisories out. If patching isn’t immediate, disabling unprivileged user namespaces or blacklisting esp4/esp6/rxrpc modules reduces exposure, though neither is a real fix.

2. Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints

Attackers are exploiting CVE-2026-33017 (CVSS 9.3), an unauthenticated RCE flaw in Langflow, to deploy a Monero cryptominer, Trend Micro reports. Observed between March 27 and April 15, 2026, the attack runs a Python script via the exposed API to fetch a Go-based binary called “lambsys.” The malware kills rival miners (Kinsing, WatchDog, Rocke, Outlaw), deletes their wallets, disables security tools like AppArmor, SELinux, and iptables, wipes logs, and sets up cron persistence. It spreads via reused SSH keys and manipulates file immutability attributes to protect its changes. Finally, it downloads a custom XMRig miner and checks the victim’s IP/location for pool selection and geo-fencing.

An earlier binary version dates to May 2024, suggesting over two years of development. This follows other Langflow exploits, including 2025’s Flodrix botnet campaign, underscoring how exposed AI infrastructure is becoming a new entry point for commodity attackers.

3. Exploitation of Recent Oracle E-Business Suite Vulnerability Begins

Threat intelligence firm Defused warns that attackers have begun exploiting CVE-2026-46817 (CVSS 9.8), a critical flaw in the File Transmissions component of Oracle E-Business Suite’s Payments product. Unauthenticated attackers can exploit it over HTTP, with Oracle warning successful attacks could lead to a full takeover of Oracle Payments. The bug was patched in late May under Oracle’s first monthly Critical Security Patch Update, which fixed 77 vulnerabilities. Defused detected the first exploitation attempts hitting its EBS honeypots over the weekend, though no prior in-the-wild activity or public PoC had been reported.

Oracle EBS is a frequent target: Cl0p exploited a zero-day in it last October to steal data from over 100 organizations, and ShinyHunters recently claimed a separate campaign against Oracle PeopleSoft. Organizations are urged to patch immediately.

4. Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw

A public PoC has landed for CVE-2026-55200 (CVSS 9.2), a critical libssh2 flaw letting a malicious SSH server trigger memory corruption on connecting clients—no auth or user interaction needed. It affects all versions through 1.11.1. The bug sits in ssh2_transport_read(), which never enforced an upper bound on packet_length, allowing a 32-bit integer overflow that leads to an undersized buffer and an out-of-bounds heap write. A near-identical flaw was patched in 2019 (CVE-2019-3855).
Since libssh2 is a client-side library embedded in curl, Git, PHP, and many appliances—often statically linked—affected copies are easy to miss. The published PoC is a local trigger/harness, not a turnkey remote exploit, and no in-the-wild use has been confirmed yet.

No official patched release exists yet, though the fix is merged upstream and some distros are backporting it. Organizations should inventory libssh2 usage, apply patched builds when available, and restrict outbound SSH to trusted, verified hosts in the meantime.

5. Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer

Researchers found two hijacked npm packages (html-to-gutenberg, fetch-page-assets) and 16 Go packages deploying a Python infostealer across Windows, Linux, and macOS. Instead of using npm lifecycle scripts, the attack hides in a VS Code task set to auto-run on folder open, disguising JavaScript as a font file. It fetches encrypted payloads via blockchain dead drops (TronGrid, Aptos), establishes a socket.io backdoor for remote control, and deploys a Python stealer. The campaign, dubbed “Fake Font” by researchers, is linked to North Korea’s Contagious Interview operation targeting developers via fake job interviews. The stealer harvests browser credentials, crypto wallets, password managers, Git/GitHub data, OS credential stores, and cloud storage metadata, exfiltrating everything as ZIP archives to a C2 server or Telegram.

Affected users should remove the packages, check for hidden VS Code auto-run tasks, and rotate all credentials, tokens, and wallet keys immediately.

6. Amazon Q Flaw Let Booby-Trapped Git Repos Execute Code

A high-severity flaw in Amazon Q’s VS Code extension, tracked as CVE-2026-12957 (CVSS 8.5), let attackers achieve code execution just by getting a developer to open a malicious repository. Wiz found that Amazon Q automatically loaded and executed commands from a project’s .amazonq/mcp.json file—no prompt, consent, or workspace trust check required.

Since MCP-spawned processes inherit the developer’s environment, a poisoned config could run arbitrary commands with full access to AWS credentials, API keys, SSH agent sockets, and other loaded secrets. Wiz demonstrated the attack by crafting a malicious MCP config that executed an AWS command using the victim’s own credentials, triggered simply by opening the folder and activating Amazon Q.

Amazon patched the issue in language server version 1.65.0, which should deploy automatically to most users. Wiz notes similar workspace-configuration flaws have surfaced in other AI coding assistants, pointing to a broader industry risk as MCP adoption grows.


Programmer’s Digest #190

06/17/2026-06/24/2026 Cisco Unified CM Flaw Exploited, Malicious npm Packages, 4,300+ Outdated Routers Hijacked And More.

1. Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root

Threat actors are actively exploiting a critical Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (Unified CM SME) vulnerability, tracked as CVE-2026-20230 (CVSS 8.6). The flaw stems from improper input validation in HTTP requests, enabling unauthenticated attackers to perform server-side request forgery (SSRF) attacks and write files to the underlying operating system, potentially leading to root-level access.

Security researchers at Defused Cyber observed real-world exploitation attempts using publicly available proof-of-concept code. However, attacks are only possible when the Cisco WebDialer service is enabled, which is disabled by default. Administrators should verify the service status through Cisco Unified Serviceability and disable it if immediate patching is not possible.

Cisco has fixed the vulnerability in Unified CM and Unified CM SME versions 14SU6 and 15SU5. Additional research from SSD Secure Disclosure indicates attackers can leverage the WebDialer component to write arbitrary files and potentially achieve remote code execution.

2. Malicious npm Packages Use PowerShell and VBS Chain to Drop Windows RAT

Threat actors are increasingly targeting developers through malicious npm packages. Researchers recently discovered a campaign using a typosquatted package, postcss-minify-selector-parser, to deliver a multi-stage Windows Remote Access Trojan (RAT). The package closely imitates the legitimate postcss-selector-parser, a widely used JavaScript dependency with over 150 million weekly downloads, making it difficult to spot during routine reviews. When imported, the package executes hidden JavaScript code that decrypts an embedded payload, writes a PowerShell script to disk, and runs it while bypassing execution policies. The script then downloads additional malware from the deceptive domain nvidiadriver[.]net, disguising files as Windows updates.

Once installed, the RAT performs extensive system profiling to detect virtual machines and security analysis environments. If no threats are detected, it establishes persistence and waits for commands. The malware primarily targets Google Chrome, stealing saved credentials and browser data using advanced decryption techniques before exfiltrating the information through encrypted command-and-control channels.

3. GitHub Updates actions/checkout to Block Common Pwn Request Attack Patterns

GitHub is enhancing software supply chain security by updating actions/checkout to block “pwn request” attacks that exploit insecure use of the pull_request_target workflow trigger. Starting June 18, 2026, actions/checkout v7 will refuse to fetch code from forked pull requests in pull_request_target and certain workflow_run workflows when unsafe checkout patterns are detected. The protection will be backported to supported versions on July 16, 2026.

The change addresses a common attack scenario where untrusted code from a forked repository is executed with the base repository’s privileges, potentially exposing secrets, write-enabled GITHUB_TOKENs, and other sensitive resources. Such attacks have been linked to several recent software supply chain compromises.

Developers can override the protection by explicitly enabling the allow-unsafe-pr-checkout flag, though this is discouraged. GitHub recommends using pull_request instead of pull_request_target when elevated permissions are unnecessary, limiting workflow permissions, and carefully reviewing workflows that process untrusted code. The update serves as an important safeguard, but not a complete security solution.
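
A line-based check for the pattern described above, added here as an example and not GitHub's own detection logic: it flags actions/checkout steps whose ref points at pull-request-controlled code in a workflow triggered by pull_request_target or workflow_run. The list of unsafe ref expressions and both sample workflows are assumptions; the page does not say how allow-unsafe-pr-checkout is set, so the check only looks for that name inside the step.

```python
import re

# Expressions that resolve to the fork's code rather than the base branch (assumed list).
UNSAFE_REF = re.compile(
    r"github\.event\.pull_request\.head\.(?:sha|ref)|github\.head_ref"
    r"|github\.event\.workflow_run\.head_(?:sha|branch)|refs/pull/")
TRIGGER = r"(pull_request_target|workflow_run)"

def privileged_triggers(lines):
    """Find triggers that run with the base repository's token and secrets."""
    found = set()
    for line in lines:
        body = line.split("#", 1)[0].strip()
        if body.startswith("on:"):                       # on: x  /  on: [x, y]
            found.update(re.findall(r"\b" + TRIGGER + r"\b", body))
        elif re.fullmatch(r"(?:-\s*)?" + TRIGGER + r"\s*:?", body):
            found.add(body.strip("-: "))                 # block-style key or list item
    return found

def unsafe_checkouts(workflow_text):
    """Return checkout steps that fetch PR-controlled refs under a privileged trigger."""
    lines = workflow_text.splitlines()
    triggers = sorted(privileged_triggers(lines))
    steps, step = [], None
    for number, line in enumerate(lines, 1):
        body = line.split(" #", 1)[0]
        if re.match(r"\s*-\s", body):                    # next list item: previous step ends
            step = None
        uses = re.search(r"\buses:\s*actions/checkout@(\S+)", body)
        if uses:
            step = {"line": number, "version": uses.group(1), "ref": None,
                    "override": False, "triggers": triggers}
            steps.append(step)
        elif step is not None:
            ref = re.match(r"\s*ref:\s*(.+)", body)
            if ref and UNSAFE_REF.search(ref.group(1)):
                step["ref"] = ref.group(1).strip()
            if "allow-unsafe-pr-checkout" in body:       # override named on the page
                step["override"] = True
    return [s for s in steps if triggers and s["ref"]]

# Constructed workflows: the first checks out the fork's head commit, the second does not.
UNSAFE = """\
on:
  pull_request_target:
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - run: npm ci && npm test
"""
SAFE = """\
on: pull_request
permissions: {contents: read}
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: npm ci && npm test
"""
```

The check reads the YAML as text, so a step that lists its with: block before uses: is missed; treat an empty result as a first pass, not a clean bill.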

4. 4,300+ Outdated Routers Hijacked in Stealthy Spy Infrastructure by AryStinger Malware

QiAnXin’s XLab detected IP 107.150.106.14 spreading a zero-detection Linux binary through two old vulnerabilities — CVE-2013-3307 and CVE-2016-5681 — targeting Realtek RTL819X-based routers, mainstream hardware from 2012–2015 that has received no firmware updates since. XLab named the malware AryStinger, after a source code path referencing “Ary-Attack.”

Unlike typical IoT malware, AryStinger doesn’t encrypt files or mine crypto. Instead, it turns infected routers into Executor nodes that perform distributed reconnaissance — port scanning, service identification, and subdomain enumeration — while hiding the attacker’s real location behind a relay layer.

Over 4,300 routers are currently compromised, predominantly D-Link DIR-850L devices. South Korea accounts for 48% of infections, followed by China at 32%. XLab has not attributed the campaign to any known threat actor, and the investigation remains ongoing.

5. F5 Patches Critical, High-Severity NGINX Vulnerabilities

F5 released out-of-band security updates addressing multiple NGINX vulnerabilities, including two critical flaws — CVE-2026-42530 and CVE-2026-42055 (CVSS 9.2) — affecting HTTP modules. Both can be exploited without authentication to trigger a use-after-free or heap-based buffer overflow, causing the NGINX worker process to restart and resulting in denial-of-service. If ASLR is disabled or bypassed, arbitrary code execution is also possible.

Patches cover NGINX Plus, NGINX Open Source, and NGINX Gateway Fabric. Two high-severity flaws — CVE-2026-11311 and CVE-2026-50107 — in NGINX Gateway Fabric allow authenticated attackers to inject arbitrary configuration directives, potentially exposing sensitive data, proxying traffic to attacker-controlled endpoints, or causing DoS. Two additional medium-severity bugs enable memory disclosure or worker process restarts.

F5 reports no active exploitation, but urges prompt patching given NGINX’s recent targeting in attacks.

6. Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Threat actors are actively exploiting CVE-2026-4020 (CVSS 5.3), an information disclosure flaw in Gravity SMTP, a WordPress plugin with roughly 100,000 installations. An unauthenticated attacker can send a GET request to the plugin’s REST API endpoint with the ?page=gravitysmtp-settings parameter, triggering a 365 KB JSON response containing PHP version, active plugins, database details, WordPress configuration, and live API credentials for services including Amazon SES, Google, Mailjet, and Zoho.

Exposed credentials enable attackers to abuse connected email services or map the site’s software stack for follow-on attacks. Wordfence has blocked over 17 million exploit attempts since May 2026, peaking at 4 million requests per day in early June.

A patch is available in version 2.1.5. Site owners should update immediately, rotate all configured API credentials, and review server logs for requests from known attacker IPs.
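
For the log review, an added example (not Wordfence's or the plugin vendor's code) that pulls the matching requests out of an access log and separates blocked probes from likely disclosures. It assumes combined log format and a 100 KB size cut-off; the sample lines, addresses and REST path are constructed placeholders.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Combined/common log format prefix: ip, timestamp, request line, status, bytes.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) (?P<size>\d+|-)')
LARGE_BODY = 100_000  # assumed cut-off; the page reports a 365 KB response on success

def settings_probes(log_lines):
    """Group GET requests carrying page=gravitysmtp-settings by client address."""
    per_ip = {}
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "GET":
            continue
        url = urlsplit(m["target"])
        # parse_qs percent-decodes, so page=gravitysmtp%2Dsettings is caught too.
        if "gravitysmtp-settings" not in parse_qs(url.query).get("page", []):
            continue
        size = 0 if m["size"] == "-" else int(m["size"])
        rec = per_ip.setdefault(m["ip"], {"requests": 0, "first_seen": m["ts"],
                                          "paths": set(), "disclosed": False})
        rec["requests"] += 1
        rec["paths"].add(url.path)
        # A 200 with a large body means the settings JSON was probably returned.
        rec["disclosed"] = rec["disclosed"] or (m["status"] == "200" and size >= LARGE_BODY)
    return per_ip

def needs_rotation(per_ip):
    """True when any probe looks like it received the full settings dump."""
    return any(rec["disclosed"] for rec in per_ip.values())

# Constructed access-log lines: documentation-range addresses, and a placeholder
# REST path because the page does not name the route.
SAMPLE_LOG = [
    '203.0.113.7 - - [02/Jun/2026:04:11:09 +0000] "GET /wp-json/PLACEHOLDER/route?page=gravitysmtp-settings HTTP/1.1" 200 373760 "-" "-"',
    '198.51.100.23 - - [09/Jun/2026:17:40:31 +0000] "GET /wp-json/PLACEHOLDER/route?x=1&page=gravitysmtp%2Dsettings HTTP/1.1" 403 162 "-" "-"',
    '198.51.100.23 - - [09/Jun/2026:17:40:32 +0000] "GET /wp-json/PLACEHOLDER/route?page=gravitysmtp-settings HTTP/1.1" 403 162 "-" "-"',
    '192.0.2.10 - - [09/Jun/2026:18:02:00 +0000] "GET /wp-json/PLACEHOLDER/route?page=other HTTP/1.1" 200 512 "-" "-"',
]
```

Any address with disclosed set saw a full-size 200 response, which is the case where the configured API credentials should be treated as exposed.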


Programmer’s Digest #189

06/10/2026-06/17/2026 Three Critical FortiSandbox Bugs, LiteSpeed cPanel Plugin Flaw, Over 400 Arch Linux AUR Packages Hijacked And More.

1. Fortinet Warned as Three Critical FortiSandbox Bugs Come Under Attack

Three vulnerabilities in Fortinet FortiSandbox, including one patched just last week, are already being actively exploited, according to cybersecurity firm Defused Cyber.
Two flaws—CVE-2026-39813 (CVSS 9.1), a path traversal vulnerability, and CVE-2026-39808 (CVSS 9.8), an OS command injection flaw—allow unauthenticated attackers to achieve code execution through crafted HTTP requests. Both vulnerabilities have had patches available since April.

The third flaw, CVE-2026-25089, affects FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS WEB UI. It is an OS command injection vulnerability that enables unauthenticated attackers to execute unauthorized commands via specially crafted HTTP requests. Despite being patched only last week, it is already being exploited in the wild.

Researchers also noted that the exploit for CVE-2026-25089 appears to have been developed with AI assistance and contains bugs, yet attackers are still targeting unpatched systems. The incidents underscore how rapidly attackers are weaponizing newly disclosed vulnerabilities, leaving organizations with increasingly narrow patching windows.

2. CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation

CISA has added a LiteSpeed cPanel Plugin vulnerability, CVE-2026-54420 (CVSS 8.5), to its KEV catalog. Federal agencies must apply fixes by June 18, 2026.
The flaw is a privilege-escalation issue affecting shared hosting servers running CloudLinux or CageFS. Attackers with FTP or web shell access can potentially gain root privileges due to improper handling of user-provided symlinks in LiteSpeed cPanel Plugin versions before 2.4.8. Although active exploitation details remain unclear, LiteSpeed recommends checking affected servers using a provided grep command. No output indicates the server is likely unaffected, while output should be reviewed against additional indicators to rule out false positives.

The issue was reported by Namecheap on May 31, 2026. Users should upgrade to LiteSpeed WHM Plugin 5.3.2.1 (including cPanel Plugin 2.4.8) or later to remediate the vulnerability.

3. Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit

Attackers hijacked more than 400 packages in the Arch User Repository (AUR), modifying build scripts to install malware that steals credentials from systems that build or update affected packages. The official Arch Linux repositories were not impacted.

Dubbed Atomic Arch by Sonatype, the campaign targeted abandoned AUR packages that attackers adopted and modified. Malicious code was inserted into PKGBUILD and install scripts, causing systems to download and execute a Rust-based credential stealer through malicious npm packages such as atomic-lockfile. The malware targets browser cookies, developer tokens, SSH keys, cloud credentials, and messaging app sessions. When run with root privileges, it can also deploy an optional eBPF rootkit for stealth and persistence.

Researchers identified more than 400 compromised packages, with additional malicious packages linked to a second payload distributed through js-digest. Users who installed or updated AUR packages after June 11 should review affected package lists, rotate credentials, check for persistence mechanisms, and consider rebuilding compromised systems from trusted media.

4. OptinMonster Plugin Hack Exposes 1.2 Million WordPress Sites to Cyberattack

A major supply chain attack has exposed more than 1.2 million WordPress websites after attackers injected malicious code into JavaScript files distributed through trusted CDN infrastructure. Security researchers at Sansec found that popular Awesome Motive plugins, including OptinMonster, TrustPulse, and PushEngage, were affected.

Instead of targeting websites directly, attackers compromised JavaScript files hosted on Awesome Motive’s CDN. Any site loading these files unknowingly executed the malware. The payload activates only when a WordPress administrator is logged in, helping it evade detection.

Once active, the malware collects site data, steals authentication tokens, and creates unauthorized administrator accounts such as developer_api1 or randomly generated dev_xxxxxx accounts. Stolen data is encrypted and sent to the command-and-control domain tidio.cc.

Attackers also install hidden backdoor plugins, including content-delivery-helper and database-optimizer, enabling remote code execution and long-term access. Organizations should check for these indicators and suspicious administrator accounts immediately.

5. CVE-2026-20262: Cisco Catalyst SD-WAN Flaw Under Active Targeted Exploitation

Cisco has warned that CVE-2026-20262, an actively exploited vulnerability in Cisco Catalyst SD-WAN Manager, could allow authenticated attackers to create or overwrite files on affected systems. The flaw, rated CVSS 6.5, stems from improper validation of user input during file uploads in the web interface.

By sending a crafted HTTP request to a vulnerable API endpoint, an attacker with valid low-privileged credentials and write access can perform arbitrary file writes. These files may then be used to escalate privileges to root, potentially leading to full system compromise. Cisco’s Product Security Incident Response Team (PSIRT) has observed limited exploitation of the flaw since June 2026 and strongly recommends upgrading to a patched software version. While technical details of the attacks have not been disclosed, the targeted nature of the activity suggests involvement by a sophisticated threat actor. CISA has added CVE-2026-20262 to its KEV catalog and ordered federal agencies to apply fixes by June 29, 2026.

6. North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Cybersecurity researchers have identified two malicious campaigns linked to the North Korean threat cluster known as Contagious Interview. Proofpoint reports the activity, dubbed UNK_DeadDrop, uses recruitment-themed phishing emails posing as developer job offers or code reviews to target nearly 100 organizations across finance, crypto, education, and tech.

The infection chain begins with emails linking to attacker-controlled GitHub repositories containing malicious scripts. Victims are instructed to open projects in VS Code, triggering cross-platform malware for Windows, macOS, and Linux, including a modified Overlord framework. A key technique uses VS Code’s “runOn: folderOpen” feature to execute code automatically when a project is opened.

The malware installs loaders that deploy a malicious VSIX extension disguised as a Google service, enabling remote command execution, data theft, and credential harvesting, particularly from crypto wallets. Stolen data is exfiltrated to a command-and-control server. Researchers note the campaign has evolved from social-media-based fake interviews to large-scale email phishing, indicating increasing operational scale and sophistication among North Korean-aligned actors.
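
Both the "Fake Font" item in Digest #191 and the Contagious Interview item above hinge on VS Code tasks that run when a folder is opened. The scanner below is an added example, not code from the researchers or this blog: it parses .vscode/tasks.json as JSONC and reports every task whose runOptions.runOn is folderOpen. The font-extension check and the sample file are assumptions built from the description of JavaScript disguised as a font file.

```python
import json
import os
import re

FONT_EXT = (".woff", ".woff2", ".ttf", ".otf", ".eot")
_STR = r'"(?:\\.|[^"\\])*"'  # a JSON string, matched first so its contents are left alone

def strip_jsonc(text):
    """tasks.json is JSONC: drop comments and trailing commas before json.loads."""
    text = re.sub(_STR + r"|//[^\n]*|/\*.*?\*/",
                  lambda m: m.group(0) if m.group(0)[0] == '"' else " ", text, flags=re.S)
    return re.sub(_STR + r"|,(\s*[}\]])", lambda m: m.group(1) or m.group(0), text)

def _words(part):
    """Flatten command and args (plain strings or {"value": ...} objects) into words."""
    items = [part.get("command", "")] + list(part.get("args", []))
    return " ".join(str(x.get("value", "")) if isinstance(x, dict) else str(x)
                    for x in items).split()

def autorun_tasks(text):
    """Return one finding per task whose runOptions.runOn is "folderOpen"."""
    findings = []
    for task in json.loads(strip_jsonc(text)).get("tasks", []):
        if (task.get("runOptions") or {}).get("runOn") != "folderOpen":
            continue
        words = _words(task)
        for os_key in ("windows", "linux", "osx"):  # per-OS command overrides
            if isinstance(task.get(os_key), dict):
                words += _words(task[os_key])
        reveal = (task.get("presentation") or {}).get("reveal", "always")
        findings.append({
            "label": task.get("label", ""),
            "command": " ".join(words),
            "hidden": reveal == "never",  # terminal panel is never brought to the front
            "font_arg": any(w.strip("'\"").lower().endswith(FONT_EXT) for w in words),
        })
    return findings

def scan_tree(root):
    """Map every .vscode/tasks.json under root to its auto-run findings."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        if os.path.basename(dirpath) != ".vscode" or "tasks.json" not in files:
            continue
        path = os.path.join(dirpath, "tasks.json")
        try:
            with open(path, encoding="utf-8") as fh:
                found = autorun_tasks(fh.read())
        except (OSError, ValueError) as exc:  # unreadable or not valid JSONC
            found = [{"label": "<unparsed>", "error": str(exc)}]
        if found:
            report[path] = found
    return report

# Constructed sample, not taken from the campaign: one normal task, one auto-run task.
SAMPLE = """{
  "version": "2.0.0",  // editor settings
  "tasks": [
    {"label": "build", "type": "shell", "command": "npm run build"},
    {"label": "fonts", "type": "shell", "command": "node",
     "args": ["public/fonts/icons.woff2"], "presentation": {"reveal": "never"},
     "runOptions": {"runOn": "folderOpen"},},
  ]
}"""
```

Running scan_tree over a projects directory, node_modules and Go module caches included, lists each auto-run task with its command so it can be reviewed before the folder is opened in VS Code.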
