04\/01\/2026-04\/08\/2026 N. Korean Hackers Spread 1,700 Malicious Packages, Docker Flaw (CVE-2026-34040), Next.js React2Shell Flaw, 36 Malicious npm Packages.<\/p>\n
The North Korea-linked campaign Contagious Interview has expanded by publishing malicious packages across Go, Rust, PHP, npm, and PyPI ecosystems. These packages mimic legitimate developer tools but secretly act as malware loaders, delivering second-stage payloads with infostealer and remote access trojan (RAT) capabilities. They mainly target browser data, passwords, and cryptocurrency wallets.<\/p>\n
Some variants, especially on Windows, include advanced features like keystroke logging, file uploads, remote access via AnyDesk, and command execution. Notably, the malicious code is hidden inside normal-looking functions, making detection difficult.<\/p>\n
Researchers have identified over 1,700 related malicious packages since early 2025. The campaign is part of a broader supply chain attack strategy linked to North Korean groups such as UNC1069, also known as BlueNoroff.
\nThese attackers use long-term social engineering via platforms like LinkedIn and Telegram, sending fake meeting links that deploy malware. Their delayed execution tactics help them remain undetected longer, maximizing data theft and espionage opportunities.<\/p>\n
A critical Docker flaw, CVE-2026-34040, allows attackers to bypass authorization controls and potentially gain full access to host systems. The issue affects environments using authorization (AuthZ) plugins—commonly relied on to enforce container security policies. The vulnerability stems from how Docker handles large API requests. When a request exceeds 1 MB, Docker truncates it before sending it to the authorization plugin, but still executes the full request.<\/p>\n
This mismatch allows attackers to slip malicious actions past security checks, such as launching privileged containers or accessing sensitive data like SSH keys and cloud credentials.With a CVSS score of 8.8, the flaw impacts Docker versions dating back nearly a decade. Exploitation is simple, requiring just one crafted request and leaving little trace.<\/p>\n
Docker has released a fix. Organizations should update immediately, restrict API access, monitor activity, and apply layered security controls to reduce risk.<\/p>\n
Researchers uncovered 36 malicious npm packages posing as Strapi plugins. Disguised with names like “strapi-plugin-*,” they mimic legitimate tools but execute hidden payloads during installation via a postinstall script. These packages enable attacks such as Redis and PostgreSQL exploitation, reverse shells, credential theft, and persistent backdoors. Because the scripts run automatically with user privileges, they are especially dangerous in CI\/CD pipelines and Docker environments.<\/p>\n
The campaign evolved over time—from aggressive exploits (e. g., Redis-based remote code execution and container escape) to reconnaissance and targeted data theft, including cryptocurrency wallets and database secrets. Some payloads even used hard-coded credentials, suggesting prior access. Researchers believe the activity may target crypto platforms. Users who installed these packages should assume compromise and rotate credentials immediately. This incident highlights a broader rise in software supply chain attacks, where trusted ecosystems like npm are increasingly used to distribute malware at scale.<\/p>\n
A fast-moving cyberattack campaign is exploiting React2Shell (CVE-2025-55182), a critical flaw in Next.js apps using React Server Components. With a maximum CVSS score of 10.0, the bug allows attackers to execute code on servers using a single unauthenticated HTTP request. Researchers from Cisco Talos tracked the campaign as UAT-10608. In just 24 hours, attackers breached 766 servers across platforms like AWS, Google Cloud, and Azure, stealing over 10,000 files. Exposed data includes passwords, SSH keys, cloud tokens, and database credentials. The attack is fully automated, using internet-wide scanning tools to find vulnerable systems. Stolen data is managed via a custom command-and-control system called NEXUS Listener.
\nBeyond immediate breaches, stolen registry credentials could enable supply chain attacks. Organizations should patch immediately, rotate all secrets, restrict access, and monitor unusual outbound traffic to detect ongoing compromises.<\/p>\n",
"date_published": "2026-04-08T16:17:55+00:00",
"date_modified": "2026-04-08T16:17:49+00:00",
"_date_published_rfc2822": "Wed, 08 Apr 2026 16:17:55 +0000",
"_rss_guid_is_permalink": "false",
"_rss_guid": "244",
"_e2_data": {
"is_favourite": false,
"links_required": [],
"og_images": []
}
},
{
"id": "243",
"url": "https:\/\/blog.humanfactor.ai\/all\/devdigest-178\/",
"title": "Programmer’s Digest #178",
"content_html": "
03\/25\/2026-04\/01\/2026 Axios npm Package, N8n Patches Critical Remote Code Execution Vulnerability, LiteLLM PyPI Compromise And More.<\/p>\n
Google has formally attributed the Axios npm supply chain compromise to UNC1069, a financially motivated North Korean threat cluster active since 2018. Attackers seized the package maintainer’s npm account and pushed two trojanized versions — 1.14.1 and 0.30.4 — that introduced a malicious dependency, plain-crypto-js, as a payload delivery vehicle. A postinstall hook silently executed an obfuscated JavaScript dropper (SILKBELL), which fetched platform-specific second-stage implants for Windows, macOS, and Linux. The backdoor, WAVESHAPER.V2, beacons to its C2 server every 60 seconds and supports remote command execution, directory enumeration, and arbitrary binary injection. After execution, the dropper deleted itself and replaced its package.json with a clean stub to hinder forensic analysis.<\/p>\n
Action<\/b>: Audit dependency trees for axios@1.14.1, axios@0.30.4, or plain-crypto-js. Pin Axios to 1.14.0 in your lockfile, block C2 domain sfrclak[.]com (IP: 142.11.206[.]73), and rotate all credentials from affected environments immediately.<\/p>\n Google patched two actively exploited Chrome zero-days — CVE-2026-3909 and CVE-2026-3910 — both carrying a CVSS score of 8.8 and discovered internally on March 10, 2026. CVE-2026-3909 is an out-of-bounds write in Skia, Chrome’s 2D graphics engine, capable of causing memory corruption or remote code execution via a malicious webpage. CVE-2026-3910 is an inappropriate implementation flaw in V8, Chrome’s JavaScript engine, allowing arbitrary code execution inside the browser sandbox — again, triggered simply by visiting a crafted page. CISA added both to its Known Exploited Vulnerabilities catalog on March 13, requiring federal agencies to patch by March 27. These are the second and third actively exploited Chrome zero-days of 2026. Chromium-based runtimes used in headless deployments for PDF generation or CI pipelines are equally affected.<\/p>\n Action<\/b>: Update Chrome to 146.0.7680.75 or later (146.0.7680.76 on macOS) across all workstations and headless environments. A browser restart is required — do not assume auto-update has completed.<\/p>\n CVE-2026-33660, publicly disclosed on March 25, 2026, affects n8n’s Merge node when its “Combine by SQL” mode is used. The AlaSQL sandbox did not sufficiently restrict certain SQL statements, allowing an authenticated attacker to read local files on the n8n host and achieve remote code execution.The vulnerability has a CVSS score of 9.4 and requires only low-level privileges — specifically, the ability to create or modify workflows — with no user interaction needed.This is at least the third RCE through AlaSQL in n8n’s Merge node in 2026, following CVE-2026-27497 and CVE-2026-27577. The fix in versions 2.14.1, 2.13.3, and 1.123.27 moves execution into an isolated-vm sandbox, eliminating the entire class of attack.n8n workflows routinely hold credentials for databases, APIs, and cloud services, making a compromised instance a high-value pivot point.<\/p>\n Action<\/b>: Upgrade n8n immediately to 2.14.1, 2.13.3, or 1.123.27. If patching is not immediately possible, add n8n-nodes-base.merge to the NODES_EXCLUDE environment variable to disable the Merge node, and restrict workflow-editing permissions to fully trusted users only.<\/p>\n TeamPCP, the threat actor behind the recent LiteLLM and Trivy compromises, struck again on March 27, 2026, pushing two malicious versions of the Telnyx Python package (4.87.1 and 4.87.2) to PyPI. The malware hid its payload inside .WAV audio files using steganography — a technique previously seen in this group’s tooling — to evade network inspection and EDR detection. On Windows, the payload achieves persistence by dropping an executable into the Startup folder as msbuild.exe. On Linux and macOS, it performs a smash-and-grab credential harvest, exfiltrating secrets as tpcp.tar.gz to 83.142.209[.]203:8080 before self-destructing. Endor Labs researchers believe TeamPCP likely obtained Telnyx’s PyPI token through the earlier LiteLLM compromise, where environment variables and CI secrets were swept from affected systems.<\/p>\n Action<\/b>: Audit environments for telnyx==4.87.1 or 4.87.2, downgrade to 4.87.0, block C2 IP 83.142.209[.]203, check Windows Startup folders for msbuild.exe, and rotate all secrets from any pipeline that imported the package.<\/p>\n Threat actors known as TeamPCP targeted LiteLLM, a popular open-source API gateway that lets developers talk to over 100 different large language models. The attackers gained initial access by compromising the Trivy vulnerability scanner through a misconfigured GitHub Actions workflow, then stole the PyPI publishing token for LiteLLM and pushed two malicious versions, 1.82.7 and 1.82.8, directly to the public registry. The malware was designed to harvest credentials and establish persistent system access, targeting SSH keys, .env files, cloud credentials, and AI API keys. Action<\/b>: If your stack uses LiteLLM, immediately upgrade beyond version 1.82.8 and audit all environments that ran it during late March. Harden GitHub Actions workflows by pinning action versions to commit SHAs and storing PyPI tokens as short-lived OIDC-based credentials rather than long-lived secrets.<\/p>\n Three vulnerabilities in LangChain and LangGraph — collectively downloaded over 84 million times on PyPI last week — expose filesystem data, environment secrets, and conversation history. CVE-2026-34070 (CVSS 7.5) is a path traversal flaw in LangChain’s prompt-loading API that allows arbitrary file reads without validation. CVE-2025-68664 (CVSS 9.3) is a deserialization vulnerability that leaks API keys and environment secrets by tricking the application into treating attacker-supplied input as a pre-serialized LangChain object. CVE-2025-67644 (CVSS 7.3) is an SQL injection flaw in LangGraph’s SQLite checkpoint implementation, enabling arbitrary queries against the conversation history database. Because LangChain sits at the center of a large dependency web, vulnerable code paths propagate through every downstream wrapper and integration that inherits them.<\/p>\n Action<\/b>: Upgrade immediately: langchain-core >=1.2.22 (CVE-2026-34070), langchain-core 0.3.81 or 1.2.5 (CVE-2025-68664), and langgraph-checkpoint-sqlite 3.0.1 (CVE-2025-67644). Audit any LangChain-based agentic workflows that handle secrets or privileged data.<\/p>\n",
"date_published": "2026-04-01T10:49:29+00:00",
"date_modified": "2026-04-01T10:49:19+00:00",
"_date_published_rfc2822": "Wed, 01 Apr 2026 10:49:29 +0000",
"_rss_guid_is_permalink": "false",
"_rss_guid": "243",
"_e2_data": {
"is_favourite": false,
"links_required": [],
"og_images": []
}
},
{
"id": "242",
"url": "https:\/\/blog.humanfactor.ai\/all\/devdigest-177\/",
"title": "Programmer’s Digest #177",
"content_html": " 03\/18\/2026-03\/25\/2026 CVE-2025-29927 Exploited in the Wild, Critical NetScaler Flaw, Firefox 149 Patches Three Critical Memory Corruption Flaws And More.<\/p>\n On March 21, 2025, researchers published an advisory for CVE-2025-29927, a vulnerability in Next.js middleware that allows authorization bypass through a specially crafted HTTP request containing the internal header x-middleware-subrequest. The flaw affects Next.js versions prior to 12.3.5, 13.5.9, 14.2.25, and 15.2.3, and carries a CVSS score of 9.1 with an EPSS exploitation probability of 92.56%. The x-middleware-subrequest header was originally designed as an internal mechanism to prevent infinite recursive loops. By spoofing this header, external attackers can bypass middleware entirely, skipping authentication, authorization cookie validation, and Content Security Policy enforcement. Vercel-hosted deployments are automatically protected, but self-hosted applications using the next start command with output: standalone are vulnerable. Malicious IP addresses were observed attempting to exploit this vulnerability in GreyNoise Visualizer shortly after disclosure. <\/p>\n Action: Upgrade to Next.js 12.3.5, 13.5.9, 14.2.25, or 15.2.3. As a short-term mitigation for self-hosted deployments, configure your reverse proxy (Nginx, Cloudflare, AWS ELB) to strip the x-middleware-subrequest header from all inbound requests. Never rely solely on middleware for authentication — enforce access controls at the route or controller level as well.<\/p>\n Citrix has released patches for two vulnerabilities in NetScaler ADC and NetScaler Gateway, including a critical issue that could expose sensitive data.<\/p>\n CVE-2026-3055 (CVSS 9.3) involves insufficient input validation, leading to a memory overread. According to Rapid7, attackers could exploit this flaw remotely without authentication to access sensitive data in memory. However, it only affects systems configured as a SAML Identity Provider (SAML IdP), so default setups are not impacted.<\/p>\n CVE-2026-4368 (CVSS 7.7) is a race condition that may cause user session mix-ups. This requires the appliance to function as a gateway (e. g., SSL VPN or ICA Proxy) or an AAA server.<\/p>\n The flaws impact multiple NetScaler versions, and users should update immediately. Although no active exploitation is confirmed, past NetScaler bugs have been widely abused, making rapid patching essential.<\/p>\n CVE-2026-4715 is a critical vulnerability in the Graphics: Canvas2D component of Firefox and Firefox ESR, disclosed on March 24, 2026, with a CVSS score of 9.1. The flaw stems from uninitialized memory, meaning certain memory regions may be used without being properly cleared. This could allow attackers to leak sensitive data or potentially achieve arbitrary code execution.<\/p>\n The issue affects core graphics rendering, so it can likely be triggered through specially crafted web pages. Since the vulnerability is remotely exploitable without authentication, attackers would only need to trick users into visiting a malicious site. It impacts Firefox versions before 149 and Firefox ESR before 140.9. While no public proof-of-concept exists yet, exploitation is considered highly plausible. Users are strongly advised to update to Firefox 149 or Firefox ESR 140.9 or later to mitigate the risk and ensure protection.<\/p>\n The CanisterWorm campaign — attributed to the cloud-focused group TeamPCP — began March 20 when Socket researchers found a compromised npm publisher account injecting malicious code across packages. By March 21, the scope had expanded to 135 affected packages, with attackers leveraging existing trust relationships to have malicious code execute automatically during routine installs without requiring any changes from developers. A mutation discovered in @teale.io\/eslint-config has proven especially dangerous: unlike the original deploy.js script that required the attacker to run manually with stolen tokens, the new variant incorporates self-propagation directly into index.js via a findNpmTokens() function that executes automatically, stealing npm tokens and using them to infect every package the token can reach. The campaign uses a decentralized Solana blockchain dead-drop for C2, making infrastructure takedowns ineffective. In parallel, two React Native packages — react-native-international-phone-number and react-native-country-select — were compromised on March 16 with obfuscated preinstall hooks targeting approximately 135,000 monthly downloads combined.<\/p>\n Action: Audit package-lock.json and yarn.lock for any packages from the CanisterWorm indicator list published by Socket. Treat any CI environment that ran npm install on affected packages as potentially compromised. Rotate npm tokens, GitHub tokens, and cloud credentials stored in those environments, and block outbound connections to known CanisterWorm C2 infratructure.<\/p>\n Akamai’s State of the Internet report published March 19, 2026, captures a sustained and worsening API threat environment. The average number of API attacks per enterprise per day reached 258 in 2025, more than double the 121 recorded in 2024, and most organizations reported at least one API-related security incident during the year. The shift is qualitative, not just quantitative: behavior-based threats — those that exploit how requests flow through workflows rather than relying on known signatures — now account for a growing share of API traffic, with attackers increasingly focused on degrading performance, driving up infrastructure costs, and exploiting AI-driven automation at scale.Wallarm’s concurrent 2026 API ThreatStats report adds structural context: in 2025, APIs accounted for 11,053 of 67,058 published security bulletins — 17% of all reported vulnerabilities — and 36% of all identified AI vulnerabilities also qualify as API vulnerabilities.Configuration and access control failures remain the most common root causes, dominated by security misconfiguration, broken authorization, and unsafe API consumption patterns.<\/p>\n Action: Add schema validation and strict object-level authorization checks to every API endpoint — not just your authentication layer. Instrument your API gateway to alert on anomalous request rates per endpoint, not just aggregate traffic. If your stack integrates AI tooling or MCP servers, audit those API surfaces explicitly, as they represent the fastest-growing overlap between AI and API attack surfaces.<\/p>\n",
"date_published": "2026-03-25T17:23:05+00:00",
"date_modified": "2026-03-25T17:22:58+00:00",
"_date_published_rfc2822": "Wed, 25 Mar 2026 17:23:05 +0000",
"_rss_guid_is_permalink": "false",
"_rss_guid": "242",
"_e2_data": {
"is_favourite": false,
"links_required": [],
"og_images": []
}
},
{
"id": "241",
"url": "https:\/\/blog.humanfactor.ai\/all\/devdigest-176\/",
"title": "Programmer’s Digest #176",
"content_html": " 03\/11\/2026-03\/18\/2026 Wing FTP Server Flaw, Python Repositories Compromised, Flaws in Linux AppArmor And More.<\/p>\n Cybersecurity researchers have uncovered a new data exfiltration method targeting AI code execution environments via DNS queries. BeyondTrust found that Amazon Bedrock AgentCore Code Interpreter allows outbound DNS requests even in sandbox mode, enabling attackers to bypass network isolation.This behavior can be abused to create command-and-control channels, execute commands, and exfiltrate sensitive data—especially if the system’s IAM role has excessive permissions. Attackers can send instructions through DNS records, retrieve payloads, and establish persistent access.<\/p>\n Although reported in 2025, Amazon considers this intended functionality and recommends using VPC mode and DNS firewalls for stronger isolation. CISA has warned U.S. agencies to secure Wing FTP Server against an actively exploited vulnerability that could be used in remote code execution (RCE) attacks. These issues were patched in version 7.4.4, but attackers began exploiting them shortly after disclosure. Proof-of-concept code has also been released, increasing the risk.<\/p>\n CISA added the flaw to its Known Exploited Vulnerabilities catalog and gave federal agencies two weeks to patch. Although the directive targets government systems, all organizations are strongly urged to update immediately to prevent ongoing attacks.<\/p>\n Threat actors are exploiting credentials stolen in the GlassWorm campaign to compromise GitHub accounts and inject malware into Python repositories. Discovered by StepSecurity, the attacks began around March 8 and target Django apps, ML projects, PyPI packages, and Streamlit dashboards, likely aiming to steal cryptocurrency and sensitive data.Using stolen credentials, attackers modify repositories by rebasing legitimate commits, inserting obfuscated malicious code, and force-pushing changes. This method, called ForceMemo, hides traces by keeping original commit messages and author dates intact.The malware avoids Russian-language systems and retrieves instructions from a Solana blockchain address, then downloads and executes encrypted payloads while maintaining persistence.<\/p>\n Hundreds of repositories have been affected. The campaign builds on GlassWorm, a malware strain first seen in 2025 that steals credentials and crypto assets. It has since evolved into a multi-platform threat, also targeting VS Code extensions and NPM packages using more stealthy delivery techniques.<\/p>\n Cybersecurity researchers from Qualys have disclosed nine vulnerabilities in the Linux AppArmor module, collectively called CrackArmor. These flaws, present since 2017, allow unprivileged users to bypass protections, escalate privileges to root, and weaken container isolation. The issues stem from “confused deputy” vulnerabilities, where attackers manipulate trusted processes to perform malicious actions. By exploiting AppArmor profile handling, attackers can bypass namespace restrictions, execute arbitrary code, and even disable security controls. The flaws also enable denial-of-service attacks, kernel memory exposure, and techniques like KASLR bypass. In some cases, attackers could modify critical files (e. g., \/etc\/passwd) or gain full system control.<\/p>\n The vulnerabilities affect Linux kernels since version 4.11 across distributions like Ubuntu, Debian, and SUSE. With millions of systems impacted, immediate kernel patching is strongly recommended, as temporary mitigations are insufficient to fully address the risks.<\/p>\n CISA has added a critical remote code execution flaw in n8n to its Known Exploited Vulnerabilities catalog, requiring federal agencies to patch within two weeks. Tracked as CVE-2025-68613, the flaw was disclosed in December 2025 and allows authenticated attackers to execute arbitrary code with the same privileges as the n8n process. This could lead to full system compromise, unauthorized data access, and execution of system-level commands.The vulnerability affects versions from 0.211.0 up to patched releases (1.120.4, 1.121.1, 1.122.0) and received a CVSS score up to 9.9. Exploits show that workflow expressions can access the Node.js environment, enabling command execution via the UI or API. Over 24,000 instances remain exposed. Due to active exploitation risks, agencies must patch by March 25, 2026.<\/p>\n",
"date_published": "2026-03-18T17:07:12+00:00",
"date_modified": "2026-03-18T17:07:07+00:00",
"_date_published_rfc2822": "Wed, 18 Mar 2026 17:07:12 +0000",
"_rss_guid_is_permalink": "false",
"_rss_guid": "241",
"_e2_data": {
"is_favourite": false,
"links_required": [],
"og_images": []
}
},
{
"id": "240",
"url": "https:\/\/blog.humanfactor.ai\/all\/devdigest-175\/",
"title": "Programmer’s Digest #175",
"content_html": " 03\/04\/2026-03\/11\/2026 CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities, GhostClaw Poses As OpenClaw To Steal Sensitive Developer Data And More.<\/p>\n Cybersecurity researchers discovered five malicious Rust crates disguised as time-related utilities that secretly steal sensitive data from developers. The packages—chrono_anchor, dnp3times, time_calibrator, time_calibrators, and time-sync—were uploaded to the crates.io between late February and early March 2026. Although presented as tools to calibrate local time without Network Time Protocol, the crates actually search for .env files and send their contents to attacker-controlled servers. These files often store API keys, tokens, and other secrets, making them valuable targets. Four of the packages simply collect and transmit the data, while chrono_anchor hides the malicious logic using obfuscation to avoid detection. The stolen information is sent to a look-alike domain, timeapis[.]io. The crates have now been removed, but developers who installed them should assume their secrets were exposed, rotate credentials, and review CI\/CD pipelines. The campaign highlights how even simple supply-chain attacks can cause serious damage inside developer environments.<\/p>\n CISA has added three vulnerabilities to its KEV Catalog after confirming active exploitation. The flaws affect Omnissa Workspace ONE UEM, SolarWinds Web Help Desk, and Ivanti Endpoint Manager. One vulnerability allows server-side request forgery that could expose sensitive data, while another enables attackers to execute commands on affected systems. The third flaw allows authentication bypass that may leak stored credentials. Security researchers report that attackers are already exploiting the SolarWinds Web Help Desk flaw to gain initial access, with activity linked to the Warlock ransomware group. CISA has ordered U.S. federal agencies to patch the SolarWinds vulnerability by March 12, 2026, and the remaining flaws by March 23, 2026 to reduce security risks.<\/p>\n Security researchers discovered a malicious npm package posing as the OpenClaw Installer. Instead of installing a legitimate tool, it deploys a malware framework designed to steal developer secrets, browser data, crypto wallet files, and system credentials while installing a persistent remote access tool. The package appears harmless at first, but its real behavior is hidden in setup and postinstall scripts. During installation, it silently installs itself globally and launches a convincing fake installer in the terminal with progress bars and setup messages. Afterward, it displays a fake Keychain prompt requesting the user’s system password. If entered correctly, the malware gains access to protected data. The script then downloads an encrypted second-stage payload called GhostLoader, which acts as both an infostealer and a remote access trojan. It steals credentials, cloud profiles, and browser data, sends them to attacker servers, and maintains persistent system access.<\/p>\n OpenAI has introduced a new AI-powered vulnerability scanner called Codex Security (previously Aardvark). Currently in research preview, the tool has been tested in private beta by companies such as Netgear. It is now available to ChatGPT Pro, Enterprise, Business, and Edu users with free access for one month.<\/p>\n Codex Security analyzes code repositories to understand system context and build a threat model based on trusted components, system roles, and potential exposures. It then searches for vulnerabilities, ranks them by real-world risk, and suggests patches.<\/p>\n During testing over 30 days, the tool scanned 1.2 million commits and detected nearly 800 critical vulnerabilities and more than 10,000 high-severity issues. Problems were found in major open-source projects including Chromium, OpenSSL, and PHP.<\/p>\n A threat actor known as UNC6426 breached a company’s cloud environment within 72 hours after exploiting a supply-chain attack involving the Nx npm package. The attack began when a developer’s GitHub token was stolen.<\/p>\n Using the token, the attacker accessed the victim’s cloud environment and abused a trust relationship between GitHub and Amazon Web Services through OpenID Connect. This allowed them to create a new administrator role and gain full cloud control.<\/p>\n The attackers then accessed Amazon S3 buckets to steal files and later destroyed parts of the production environment. The compromise was linked to a malicious script that installed a credential-stealing tool called QUIETVAULT, which collected tokens and sensitive data.<\/p>\n The incident highlights how supply-chain attacks targeting developer tools can quickly escalate into full cloud breaches if permissions are misconfigured.<\/p>\n",
"date_published": "2026-03-11T11:22:38+00:00",
"date_modified": "2026-03-11T11:22:33+00:00",
"_date_published_rfc2822": "Wed, 11 Mar 2026 11:22:38 +0000",
"_rss_guid_is_permalink": "false",
"_rss_guid": "240",
"_e2_data": {
"is_favourite": false,
"links_required": [],
"og_images": []
}
},
{
"id": "239",
"url": "https:\/\/blog.humanfactor.ai\/all\/devdigest-174\/",
"title": "Programmer’s Digest #174",
"content_html": " 02\/25\/2026-03\/04\/2026 Actively Exploited VMware Aria Operations Flaw, 26 Suspicious npm Packages in New Cyber Campaign And More.<\/p>\n CISA has added a newly disclosed flaw affecting VMware Aria Operations to its KEV catalog, citing active attacks. Tracked as CVE-2026-22719 (CVSS 8.1), the high-severity bug is a command injection issue that allows unauthenticated attackers to execute arbitrary commands, potentially leading to remote code execution during support-assisted product migration. The vulnerability was patched alongside CVE-2026-22720 (stored XSS) and CVE-2026-22721 (privilege escalation). Affected products include VMware Cloud Foundation and VMware vSphere Foundation 9.x (fixed in 9.0.2.0) and VMware Aria Operations 8.x (fixed in 8.18.6). Customers unable to patch immediately can run the “aria-ops-rce-workaround.sh” script as root on each virtual appliance node. Broadcom acknowledged reports of in-the-wild exploitation but said it cannot independently confirm them. Federal Civilian Executive Branch agencies must apply fixes by March 24, 2026.<\/p>\n A coordinated campaign is targeting software developers with job-themed lures, using malicious repositories disguised as legitimate Next.js projects and coding assessments. The operation aims to achieve remote code execution (RCE), steal sensitive data, and deploy additional payloads on compromised machines. According to Microsoft, attackers created fake web apps and hosted them on platforms like Bitbucket. When developers clone and open the projects, embedded malicious JavaScript executes automatically. The code downloads a backdoor from a remote server and runs it in memory via Node.js. To boost infection rates, the repositories include multiple triggers: a VS Code task that runs on folder open, a trojanized asset activated by “npm run dev,” and a backend module that exfiltrates environment variables and executes attacker-supplied code. The infection deploys staged payloads that profile hosts, connect to command-and-control servers, execute remote tasks, and enable file exfiltration. Developers are urged to enable Workspace Trust, apply security controls, and limit stored secrets.<\/p>\n Cybersecurity researchers have warned of a new threat campaign allegedly tied to North Korean actors, involving 26 malicious packages uploaded to the npm registry. The packages were disguised as legitimate development tools and used typosquatting to mimic popular libraries, increasing the chances of accidental installation. Believed to be a variant of the “Contagious Interview” campaign, the operation reportedly used Pastebin-based steganography to hide command-and-control (C2) addresses inside seemingly harmless text files. Each package executed an installation script that launched a payload from “vendor\/scrypt-js\/version.js,” which decoded hidden server domains by stripping zero-width Unicode characters and extracting embedded data. The malware supported Windows, macOS, and Linux, and used WebSocket communication to receive commands. It included modules for data theft, VS Code persistence, keylogging, browser credential harvesting, and crypto wallet targeting, while scanning repositories for exposed secrets. The activity has been tentatively linked to the North Korea-associated group Famous Chollima. Developers are urged to verify npm packages carefully.<\/p>\n Cybersecurity researchers have detailed a patched high-severity flaw in Google Chrome that could have enabled privilege escalation and access to local files. Tracked as CVE-2026-0628 (CVSS 8.8), the issue stemmed from insufficient policy enforcement in the WebView tag and was fixed in version 143.0.7499.192\/.193 for Windows, Mac, and Linux in January 2026. Discovered by Palo Alto Networks Unit 42 researcher Gal Weizman, the flaw—codenamed “Glic Jack”—affected Chrome’s Gemini Live side panel, which loads content via a WebView component. Attackers could trick users into installing a malicious extension with basic permissions, allowing script injection into the Gemini panel. Successful exploitation could have granted access to the camera, microphone, screenshots, and local files. The bug exposed risks tied to embedding AI agents directly into browsers, where privileged components may introduce new attack surfaces despite existing extension security controls.<\/p>\n Cybersecurity researchers have uncovered a malicious package on the NuGet Gallery impersonating a legitimate library from Stripe to target the financial sector. The package, named StripeApi.Net, mimicked the official Stripe.net library, which has over 75 million downloads. Uploaded on February 16, 2026, by a user called “StripePayments,” it copied the legitimate package’s icon and nearly identical documentation, subtly altering the name to “Stripe-net.” The attacker also inflated download numbers to more than 180,000 across 506 versions to boost credibility. According to ReversingLabs, the package preserved most legitimate functionality but modified key methods to steal sensitive data, including Stripe API tokens, and exfiltrate them to a remote server. Because applications continued to compile and run normally, developers were unlikely to notice the compromise. The package was reported and removed before causing significant harm.<\/p>\n",
"date_published": "2026-03-04T09:24:34+00:00",
"date_modified": "2026-03-04T09:24:29+00:00",
"_date_published_rfc2822": "Wed, 04 Mar 2026 09:24:34 +0000",
"_rss_guid_is_permalink": "false",
"_rss_guid": "239",
"_e2_data": {
"is_favourite": false,
"links_required": [],
"og_images": []
}
},
{
"id": "238",
"url": "https:\/\/blog.humanfactor.ai\/all\/devdigest-173\/",
"title": "Programmer’s Digest #173",
"content_html": " 02\/18\/2026-02\/25\/2026 SolarWinds Patches 4 Critical Serv-U 15.5 Flaws, Cline CLI 2.3.0 Supply Chain Attack And More.<\/p>\n SolarWinds has released updates for Serv-U file transfer software to fix four critical vulnerabilities that could allow remote code execution. All are rated 9.1 on the CVSS scale:<\/p>\n Exploitation requires administrative privileges, though risk is medium on Windows, as services often run under less-privileged accounts. These issues affect Serv-U version 15.5 and are fixed in 15.5.4. SolarWinds hasn’t reported active exploitation, but past Serv-U flaws (e. g., CVE-2021-35211, CVE-2021-35247, CVE-2024-28995) were targeted by hackers, including China-based group Storm-0322 (formerly DEV-0322).<\/p>\n Cybersecurity researchers have disclosed an active supply chain worm campaign, dubbed SANDWORM_MODE, leveraging at least 19 malicious npm packages to steal credentials and cryptocurrency keys. The malware exfiltrates system information, tokens, environment secrets, and API keys, propagating via stolen npm and GitHub identities. Core features include a polymorphic engine, hook-based persistence, USB and SSH propagation fallbacks, and an “McpInject” module that targets AI coding assistants (Claude, Cursor, VS Code) to harvest SSH keys, environment files, and LLM API keys from providers like OpenAI, Anthropic, and Cohere. The attack unfolds in two stages, with a delayed secondary stage performing deeper harvesting, worm-like spread, and full exfiltration. Some packages include sleeper components or kill switches, which remain off by default. Users are urged to remove affected packages, rotate tokens and CI secrets, and review workflows. The campaign mirrors recent malicious npm activity, including buildrunner-dev and eslint-verify-plugin, which deliver RATs and agents targeting Windows, macOS, and Linux.<\/p>\n On February 17, 2026, a supply chain attack targeted the Cline CLI open-source package, installing OpenClaw—an AI agent—on developer and CI\/CD systems via the malicious cline@2.3.0 release. The attacker exploited a prompt injection vulnerability in the Cline GitHub Actions workflow, stealing a long-lived npm publish token to publish the compromised version. The post-install script silently installed OpenClaw globally, giving it system-level permissions, persistent presence, and potential access to credentials. The package was downloaded roughly 4,000 times over an eight-hour window. No evidence of data exfiltration or additional payloads was found, but OpenClaw’s unauthorized installation posed serious security risks, particularly in CI\/CD environments. The attack was mitigated by deprecating cline@2.3.0, revoking the token, and releasing cline@2.4.0. The incident highlights critical supply chain security weaknesses and the dangers of AI-driven automation in software workflows. Users are advised to remove OpenClaw and rotate any exposed credentials.<\/p>\n Researchers uncovered a wormable cryptojacking campaign spreading via pirated software to deploy a custom XMRig miner. The malware uses a BYOVD exploit (Bring Your Own Vulnerable Driver) and a time-based logic bomb to evade detection and boost Monero mining efficiency by 15–50%. At the core is Explorer.exe, a persistent state machine that switches roles—installer, watchdog, payload manager, cleaner—based on command-line arguments. Payloads, including the miner, watchdogs, and a vulnerable driver (WinRing0x64.sys), are embedded in the binary, decompressed to hidden files, and disguised as legitimate software. A circular watchdog ensures the miner restarts if terminated, even killing Windows Explorer to maintain activity. The malware also spreads via USB drives, copying itself and creating malicious shortcuts. A kill switch set for December 23, 2025, triggers cleanup, suggesting a limited operational window. The campaign highlights evolving malware tactics, combining social engineering, worm-like propagation, kernel-level exploitation, and AI-like persistence to create a resilient, high-performance cryptojacking botnet.<\/p>\n",
"date_published": "2026-02-25T17:43:50+00:00",
"date_modified": "2026-02-25T17:43:39+00:00",
"_date_published_rfc2822": "Wed, 25 Feb 2026 17:43:50 +0000",
"_rss_guid_is_permalink": "false",
"_rss_guid": "238",
"_e2_data": {
"is_favourite": false,
"links_required": [],
"og_images": []
}
},
{
"id": "237",
"url": "https:\/\/blog.humanfactor.ai\/all\/devdigest-172\/",
"title": "Programmer’s Digest #172",
"content_html": " 02\/11\/2026-02\/18\/2026 Malicious npm and PyPI Packages Linked to Lazarus APT, Ivanti EPMM Exploit And More.<\/p>\n CISA has added four actively exploited flaws to its KEV catalog. The vulnerabilities include CVE-2026-2441, a use-after-free bug in Google Chrome that can enable heap corruption via a crafted webpage; CVE-2024-7694, an arbitrary file upload flaw in TeamT5 ThreatSonar Anti-Ransomware; CVE-2020-7796, an SSRF issue in Zimbra Collaboration Suite; and CVE-2008-0015, a buffer overflow in Microsoft Windows Video ActiveX Control that allows remote code execution.<\/p>\n Google recently confirmed in-the-wild exploitation of CVE-2026-2441. Meanwhile, threat researchers previously observed large-scale abuse of the Zimbra flaw, and Microsoft warned the 2008 bug has been used to spread malware such as the Dogkild worm.<\/p>\n Federal agencies must apply patches by March 10, 2026, to mitigate risks.<\/p>\n BeyondTrust has released urgent updates to fix a critical remote code execution vulnerability (CVE-2026-1731, CVSS 9.9) affecting its Remote Support (RS) and Privileged Remote Access (PRA) products, with evidence of active exploitation. The flaw allows unauthenticated attackers to execute arbitrary system commands through specially crafted requests, potentially leading to full compromise, data theft, or service disruption.<\/p>\n The issue was discovered by Hacktron AI using AI-driven variant analysis and disclosed in January 2026. Internet scans from Shodan indicate about 11,000 exposed instances, many of them on-premise deployments that remain vulnerable until patched.<\/p>\n BeyondTrust automatically updated SaaS environments, but on-premise customers must apply patches or upgrade manually. Administrators are urged to verify systems quickly, as the vulnerability is easy to exploit and attractive to attackers seeking ransomware or lateral movement within enterprise networks.<\/p>\n Researchers from ReversingLabs have uncovered malicious npm and PyPI packages tied to a fake recruitment campaign attributed to the North Korea-linked Lazarus Group. The operation, dubbed “graphalgo,” has been active since May 2025 and targets JavaScript and Python developers with fraudulent cryptocurrency-related job offers. Attackers pose as recruiters on LinkedIn, Facebook, and Reddit, directing victims to GitHub “interview tasks” that secretly depend on malicious packages. Some packages, such as bigmathutils, built trust and gained thousands of downloads before being updated to deliver malware.<\/p>\n The campaign uses a multi-stage approach: creating fake companies and websites, distributing poisoned open-source dependencies, and installing remote-access trojans capable of executing commands, accessing files, and searching for cryptocurrency wallets.<\/p>\n Researchers say the activity shows the hallmarks of Lazarus operations, including staged payloads, delayed malicious updates, encrypted communications, and a modular design that allows attackers to rotate front-end infrastructure while maintaining the same backend systems.<\/p>\n Most exploitation attempts against a critical flaw in Ivanti Endpoint Manager Mobile (EPMM) have been traced to a single IP address hosted on infrastructure run by PROSPERO. According to GreyNoise, 417 exploitation sessions were recorded between February 1 and 9, 2026, with 83% originating from one source. The activity targets CVE-2026-1281 (CVSS 9.8) and CVE-2026-1340, vulnerabilities that enable unauthenticated remote code execution. Ivanti confirmed limited real-world compromises, and several European organizations—including the Dutch Data Protection Authority and the European Commission—reported targeting attempts. Researchers also observed the same host exploiting unrelated flaws in Oracle WebLogic, GNU InetUtils, and GLPI, suggesting automated scanning. About 85% of probes used DNS callbacks to verify vulnerable systems without deploying malware, consistent with initial-access operations. Security experts advise patching immediately, auditing internet-facing MDM systems, reviewing DNS logs, and blocking PROSPERO’s network ranges to reduce risk.<\/p>\n A critical zero-day vulnerability (CVE-2026-22769, CVSS 10.0) in Dell RecoverPoint for Virtual Machines has been exploited since mid-2024 by a suspected China-linked threat cluster, UNC6201, according to researchers from Google Mandiant and Google Threat Intelligence Group. The flaw involves hard-coded credentials that allow unauthenticated attackers to gain root-level access, deploy web shells, and install backdoors such as BRICKSTORM and its newer variant GRIMBOLT. Attacks have primarily targeted North American organizations and appliances that often lack endpoint detection tools, enabling long-term persistence. Investigators observed techniques such as temporary “Ghost NICs” to move laterally and erase evidence. UNC6201 shares tactics with another China-linked cluster, UNC5221, though they are considered distinct. Separately, Dragos reported activity by Volt Typhoon compromising cellular gateways in energy sectors, then pivoting into operational technology networks, highlighting growing risks to industrial systems.<\/p>\n",
"date_published": "2026-02-18T16:02:50+00:00",
"date_modified": "2026-02-18T16:02:39+00:00",
"_date_published_rfc2822": "Wed, 18 Feb 2026 16:02:50 +0000",
"_rss_guid_is_permalink": "false",
"_rss_guid": "237",
"_e2_data": {
"is_favourite": false,
"links_required": [],
"og_images": []
}
},
{
"id": "236",
"url": "https:\/\/blog.humanfactor.ai\/all\/devdigest-171\/",
"title": "Programmer’s Digest #171",
"content_html": " 02\/04\/2026-02\/11\/2026 Critical SQLi Flaw, Microsoft Patches 59 Vulnerabilities, Critical n8n Flaws Disclosed Along With Public Exploits And More.<\/p>\n Fortinet has released security updates to fix a critical vulnerability in FortiClientEMS (CVE-2026-21643), rated 9.1 in severity, that could allow unauthenticated attackers to execute arbitrary code. The flaw is an SQL injection issue that can be exploited through specially crafted HTTP requests. The vulnerability affects FortiClientEMS 7.4.4, and users are advised to upgrade to version 7.4.5 or later. Versions 7.2 and 8.0 are not affected. Although there are no reports of active exploitation, Fortinet recommends applying patches as soon as possible. The flaw was discovered and reported by a member of Fortinet’s Product Security team. Separately, Fortinet recently addressed another critical vulnerability (CVE-2026-24858) affecting several products, including FortiOS and FortiManager. That issue, rated 9.4, has been actively exploited by attackers to create persistent admin accounts, modify configurations to enable VPN access, and exfiltrate firewall configuration data.<\/p>\n Microsoft released security updates addressing 59 vulnerabilities, including six actively exploited flaws. Five issues are rated Critical, 52 Important, and two Moderate. The vulnerabilities include privilege escalation, remote code execution, spoofing, information disclosure, security feature bypass, denial-of-service, and cross-site scripting. The six exploited flaws affect components such as Windows Shell, MSHTML, Microsoft Word, Desktop Window Manager, Remote Access Connection Manager, and Remote Desktop. Some allow attackers to bypass security prompts or elevate privileges after gaining access to a system, potentially enabling malware deployment or credential theft. Researchers from Microsoft, Google Threat Intelligence Group, and others reported several of the issues, though details of exploitation remain limited. CISA has added all six vulnerabilities to its Known Exploited Vulnerabilities catalog, requiring U.S. federal agencies to patch them by March 3, 2026. Microsoft also issued Edge browser fixes, updated Secure Boot certificates, and introduced new security features aimed at strengthening default protections and improving user transparency and consent.<\/p>\n Cybersecurity firm Socket has uncovered a supply-chain attack in which threat actors published malicious versions of dYdX client libraries to both npm and PyPI, targeting developers building cryptocurrency trading tools. The incident, detected on January 27, 2026, likely involved a compromised maintainer account. Affected packages included several versions of @dydxprotocol\/v4-client-js and the PyPI package dydx-v4-client.<\/p>\n The malware was hidden in core files and executed during normal use. In npm packages, tampered functions stole seed phrases and device fingerprints, sending them to a typosquatted domain. The PyPI version was more severe, installing a remote access trojan that periodically contacted a command-and-control server and could run arbitrary code, enabling theft of credentials, source code, and other sensitive data.<\/p>\n dYdX warned users to isolate systems and rotate credentials. Developers are advised to audit dependencies, upgrade to safe versions, block known indicators, and monitor environments, as compromised packages could lead to wallet theft or full system compromise.<\/p>\n Anthropic says its latest model, Claude Opus 4.6, has demonstrated the ability to autonomously audit open-source software, discovering more than 500 previously unknown high-severity vulnerabilities in widely used libraries such as Ghostscript, OpenSC, and CGIF. All reported flaws were confirmed as real and have since been patched by maintainers.<\/p>\n In testing, the model operated in a virtualised environment with access to tools like debuggers and fuzzers but no detailed instructions. Researchers found it used reasoning similar to human security analysts, identifying patterns in code and past fixes to uncover subtle weaknesses that traditional fuzzing sometimes missed. Examples included memory-handling errors and overflows that could cause crashes or allow exploitation.<\/p>\n Anthropic is deploying the system to help maintainers find and fix vulnerabilities, highlighting AI’s growing role as a defensive security tool that can complement manual review. However, the company also warned that similar capabilities could be misused and said it is adding safeguards to reduce risks.<\/p>\n Multiple critical vulnerabilities in the open-source workflow automation platform n8n, tracked as CVE-2026-25049, allowed authenticated users with permission to create or edit workflows to escape the sandbox and execute arbitrary code on the host server. Researchers found the flaws stemmed from weak sanitization and incomplete sandboxing of user-written JavaScript, enabling attackers to run system commands, access files, and steal credentials, API keys, and configuration data. In multi-tenant environments, the issue could also allow lateral movement to other tenants or connected cloud services.<\/p>\n Several security firms independently identified bypasses, showing that earlier patches were incomplete. The vulnerabilities were fixed in n8n versions 2.5.2 and 1.123.17, and users are urged to update, rotate encryption keys, and review workflows.<\/p>\n Although no active exploitation has been confirmed, researchers have observed large-scale scanning of exposed n8n systems, suggesting growing attacker interest and highlighting the importance of prompt patching and access controls.<\/p>\n",
"date_published": "2026-02-11T15:29:21+00:00",
"date_modified": "2026-02-11T15:29:15+00:00",
"_date_published_rfc2822": "Wed, 11 Feb 2026 15:29:21 +0000",
"_rss_guid_is_permalink": "false",
"_rss_guid": "236",
"_e2_data": {
"is_favourite": false,
"links_required": [],
"og_images": []
}
},
{
"id": "235",
"url": "https:\/\/blog.humanfactor.ai\/all\/devdigest-170\/",
"title": "Programmer’s Digest #170",
"content_html": " 01\/28\/2026-02\/04\/2026 Docker Fixes Critical Ask Gordon AI Flaw, Critical React Native Metro Bug, Two High-Severity n8n Flaws And More<\/p>\n Cybersecurity researchers have revealed details of a now-patched critical flaw in Ask Gordon, Docker’s AI assistant built into Docker Desktop and the Docker CLI, that could enable code execution and data exfiltration. The vulnerability was fixed in Docker version 4.50.0 released in November 2025. The issue arises because Ask Gordon treats unverified Docker image metadata as executable instructions. A single malicious LABEL field embedded in a Docker image can trigger a three-stage attack: Ask Gordon reads the instruction, forwards it to the Model Context Protocol (MCP) Gateway, and the gateway executes it using MCP tools—without validation. This could result in remote code execution on cloud and CLI systems or sensitive data exposure on desktop environments. The flaw represents a failure of contextual trust, described as Meta-Context Injection, where MCP cannot distinguish harmless metadata from pre-authorized commands. By weaponizing Docker image labels, attackers can hijack the AI’s reasoning process and bypass security boundaries.<\/p>\n Hackers are actively exploiting a critical vulnerability, CVE-2025-11953, in the React Native Metro development server to target developers with malicious payloads for Windows and Linux. The flaw allows unauthenticated attackers to execute arbitrary OS commands on Windows via crafted POST requests, while on Linux and macOS it enables execution of arbitrary binaries with limited control. Metro, the default JavaScript bundler for React Native, exposes development-only HTTP endpoints by default and can bind to external network interfaces, increasing attack surface.<\/p>\n Researchers at JFrog disclosed the issue in November, identifying the vulnerable \/open-url endpoint, which passes user-supplied input to the open() function without sanitization. The flaw affects @react-native-community\/cli-server-api versions 4.8.0 through 20.0.0-alpha.2 and was fixed in version 20.0.0. VulnCheck observed in-the-wild exploitation starting December 21, 2025, with repeated attacks delivering base64-encoded PowerShell payloads that disable defenses, fetch second-stage binaries, and execute them. Despite active abuse, about 3,500 Metro servers remain exposed online.<\/p>\n Cybersecurity researchers have uncovered a supply chain attack targeting the Open VSX Registry, in which threat actors compromised a legitimate developer account to distribute malicious updates. On January 30, 2026, four popular extensions published by the developer oorzc were updated with malicious code embedding the GlassWorm malware loader, according to Socket researcher Kirill Boychenko. The extensions, some over two years old, had accumulated more than 22,000 downloads prior to the attack.<\/p>\n The incident is believed to stem from stolen publishing credentials, possibly via a leaked token. The malicious versions were later removed, but not before delivering a loader capable of decrypting and executing payloads at runtime. The malware targets macOS systems, harvesting browser data, cryptocurrency wallets, iCloud Keychain contents, developer credentials, and VPN configurations, posing serious risks to enterprise environments.<\/p>\n Unlike earlier GlassWorm campaigns that relied on typosquatting, this attack abused a trusted developer account, allowing the malware to blend into normal workflows. Researchers warn that removed extensions remain installed locally until developers release clean updates.<\/p>\n Ivanti has released emergency patches for two critical zero-day vulnerabilities in Endpoint Manager Mobile (EPMM) that are being actively exploited in the wild. Tracked as CVE-2026-1281 and CVE-2026-1340 (CVSS 9.8), the flaws are unauthenticated code injection bugs that allow remote code execution. The issues affect EPMM’s in-house application distribution and Android file transfer configuration features. Successful exploitation could enable attackers to execute arbitrary code, move laterally, and access sensitive data, including administrator and user details as well as mobile device information. Ivanti says a limited number of customers were impacted at disclosure. All EPMM versions up to 12.7.0.0 and select 12.5.x and 12.6.x releases are affected. Ivanti has issued version-specific RPM patches and recommends upgrading to version 12.8.0.0 once available. CISA has added CVE-2026-1281 to its Known Exploited Vulnerabilities catalog, urging organizations to prioritize remediation due to the flaw’s severity.<\/p>\n A US security agency has warned that a critical remote code execution (RCE) flaw in SolarWinds Web Help Desk is being actively exploited. CISA has added CVE-2025-40551 to its KEV Catalog, giving federal civilian agencies until Friday to apply patches released last week. Rated CVSS 9.8, the vulnerability is a deserialization of untrusted data issue that allows unauthenticated attackers to gain admin-level access and execute arbitrary commands on affected systems. While the KEV mandate applies only to federal agencies, CISA urges all organizations to patch promptly due to widespread use of the software in government, education, and healthcare.<\/p>\n CVE-2025-40551 is one of four critical flaws fixed in a January 28 update. The others include an additional RCE vulnerability and two authentication bypass bugs, all rated 9.8. Although only one flaw is currently exploited, attackers could chain them to fully compromise systems. SolarWinds advises upgrading to Web Help Desk 2026.1 immediately.<\/p>\n Cybersecurity researchers have disclosed two new vulnerabilities in the n8n workflow automation platform, including a critical flaw that could lead to full remote code execution. Identified by JFrog Security Research, CVE-2026-1470 (CVSS 9.9) allows any authenticated user to bypass n8n’s JavaScript Expression sandbox and execute arbitrary code on the main node. A second issue, CVE-2026-0863 (CVSS 8.5), enables authenticated users to escape the Python task sandbox and run arbitrary code on the host system.<\/p>\n Despite requiring authentication, CVE-2026-1470 is considered highly dangerous because any n8n user could completely take over an instance, including those running in “internal” execution mode. Given n8n’s access to sensitive enterprise workflows, credentials, and APIs, successful exploitation could provide attackers broad control across an organization.<\/p>\n Users are urged to upgrade to patched versions immediately. The disclosure follows recent reports of a separate unauthenticated n8n flaw, underscoring ongoing risks in sandboxing dynamic languages like JavaScript and Python.<\/p>\n",
"date_published": "2026-02-04T19:28:43+00:00",
"date_modified": "2026-02-04T19:28:37+00:00",
"_date_published_rfc2822": "Wed, 04 Feb 2026 19:28:43 +0000",
"_rss_guid_is_permalink": "false",
"_rss_guid": "235",
"_e2_data": {
"is_favourite": false,
"links_required": [],
"og_images": []
}
},
{
"id": "234",
"url": "https:\/\/blog.humanfactor.ai\/all\/devdigest-169\/",
"title": "Programmer’s Digest #169",
"content_html": " 01\/21\/2026-01\/28\/2026 CISA Adds Four Critical Vulnerabilities, Critical VMware RCE Flaw, Fortinet Patches CVE-2026-24858 And More<\/p>\n CISA added four critical vulnerabilities to its KEV catalog on January 22, 2026, confirming active exploitation in the wild. The flaws affect development tools, SD-WAN infrastructure, email platforms, and package managers, highlighting a broad and urgent threat landscape. All four vulnerabilities carry a February 12, 2026, remediation deadline under Binding Operational Directive (BOD) 22-01 for federal systems and critical infrastructure operators. One vulnerability involves embedded malicious code in Prettier’s eslint-config-prettier package (CVE-2025-54313), enabling a supply-chain attack during installation. Vite’s dev server (CVE-2025-31125) allows unauthorized file access when exposed to networks. Versa Concerto’s SD-WAN platform (CVE-2025-34026) contains an authentication bypass that exposes administrative functions. Synacor Zimbra (CVE-2025-68645) is vulnerable to PHP remote file inclusion, a common initial access vector. Organizations should immediately inventory affected systems, prioritize network-exposed assets, and apply vendor patches or mitigations to reduce risk.<\/p>\n CISA has flagged a critical VMware vCenter Server vulnerability as actively exploited, ordering federal agencies to secure affected systems within three weeks. The flaw, CVE-2024-37079, was patched in June 2024 and stems from a heap overflow in vCenter Server’s DCERPC protocol implementation.<\/p>\n Attackers with network access can exploit the vulnerability using specially crafted packets to achieve remote code execution without authentication or user interaction, making it a low-complexity but high-impact threat. There are no workarounds or mitigations, and Broadcom has urged customers to immediately apply the latest vCenter Server and Cloud Foundation patches. CISA added the vulnerability to its KEV catalog, setting a February 13 remediation deadline under Binding Operational Directive 22-01 for Federal Civilian Executive Branch agencies. Broadcom separately confirmed in-the-wild exploitation.<\/p>\n CISA warned that such flaws are frequently abused and advised agencies to follow vendor guidance, apply required mitigations, or discontinue use if protections are unavailable.<\/p>\n Fortinet has begun releasing security updates to address a critical FortiOS authentication bypass vulnerability that is being actively exploited in the wild. Tracked as CVE-2026-24858 (CVSS 9.4), the flaw affects FortiOS, FortiManager, and FortiAnalyzer and is tied to FortiCloud single sign-on (SSO). The vulnerability allows an attacker with a FortiCloud account and registered device to gain administrative access to other customers’ devices when FortiCloud SSO is enabled, bypassing authentication through an alternate access path. While FortiCloud SSO is disabled by default, it may be enabled when devices are registered through the GUI. Fortinet confirmed threat actors abused a new attack path to create local admin accounts, modify VPN access, and exfiltrate firewall configurations. In response, Fortinet disabled and re-enabled FortiCloud SSO with added protections and locked malicious accounts. CISA has added the flaw to its Known Exploited Vulnerabilities catalog, requiring Federal Civilian Executive Branch agencies to remediate by January 30, 2026.<\/p>\n A critical remote code execution flaw has been disclosed in Grist-Core, the open-source, self-hosted version of the Grist spreadsheet-database platform. Tracked as CVE-2026-24002 (CVSS 9.1) and codenamed Cellbreak, the vulnerability allows a single malicious formula to escape Grist’s Python sandbox and execute commands on the host system. The issue stems from Grist’s use of Pyodide to run untrusted Python formulas in a WebAssembly sandbox. Researchers found that a blocklist-based design allows traversal of Python internals and access to runtime functions, enabling OS command execution and host-level JavaScript execution. Successful exploitation could expose files, database credentials, API keys, and enable lateral movement.<\/p>\n The flaw was fixed in Grist version 1.7.9, released January 9, 2026. Instances using the “gvisor” sandbox are not affected, while those running Pyodide must upgrade immediately. As a temporary mitigation, operators can switch the GRIST_SANDBOX_FLAVOR setting to “gvisor” and avoid disabling Deno-based protections when handling untrusted formulas.<\/p>\n Two malicious extensions in Microsoft’s Visual Studio Code Marketplace, installed a combined 1.5 million times, were found exfiltrating developer data to servers in China. Marketed as AI-powered coding assistants, the extensions provide expected functionality but fail to disclose extensive data collection or obtain user consent. Researchers at Koi Security identified the campaign, dubbed MaliciousCorgi, noting both extensions share the same data-stealing code and backend infrastructure. The affected extensions—ChatGPT – 中文版 (1.34 million installs) and ChatMoss (CodeMoss) (150,000 installs)—remain available at the time of reporting. The extensions employ multiple spyware techniques, including monitoring files opened in VS Code and transmitting entire file contents in real time, executing server-controlled commands to harvest workspace files, and embedding analytics SDKs to profile users and fingerprint devices. Koi warned this activity risks exposing source code, configuration files, credentials, and API keys. Microsoft confirmed it is investigating the report and will take action in accordance with its policies.<\/p>\n",
"date_published": "2026-01-28T18:43:03+00:00",
"date_modified": "2026-01-28T18:42:55+00:00",
"_date_published_rfc2822": "Wed, 28 Jan 2026 18:43:03 +0000",
"_rss_guid_is_permalink": "false",
"_rss_guid": "234",
"_e2_data": {
"is_favourite": false,
"links_required": [],
"og_images": []
}
},
{
"id": "233",
"url": "https:\/\/blog.humanfactor.ai\/all\/devdigest-168\/",
"title": "Programmer’s Digest #168",
"content_html": " 01\/14\/2026-01\/21\/2026 Critical Flaw in Modular DS WordPress Plugin, Binary-parser Bug Allows Node.js Privilege-Level Code Execution, Hackers Target Developers via Malicious VS Code Projects And More.<\/p>\n A critical vulnerability in the Modular DS WordPress plugin (CVE-2026-23550, CVSS 10.0) is being actively exploited, allowing unauthenticated attackers to escalate privileges. Modular DS, installed on over 40,000 sites, enables centralized monitoring, updates, and remote administration of WordPress installations. In versions 2.5.1 and earlier, the flaw allows attackers to bypass authentication by abusing exposed API routes under \/api\/modular-connector\/. A flawed isDirectRequest() check treats requests containing simple parameters (origin=mo&type=xxx) as trusted “direct” requests, without validating signatures, secrets, IPs, or User-Agent headers. If a site is already connected to Modular, attackers can access sensitive routes such as \/login, \/system, and \/backup, leading to admin takeover and data theft. Exploitation began on January 13, 2026, with attackers targeting the login API to create new admin users. The issue was fixed in version 2.5.2 by tightening route handling and validation. Users should update immediately to mitigate risk.<\/p>\n A security vulnerability has been disclosed in the popular binary-parser npm library that could allow attackers to execute arbitrary JavaScript. Tracked as CVE-2026-1245, the flaw affects all versions prior to 2.3.0, which was released on November 26, 2025 to address the issue. Binary-parser is a widely used JavaScript parser builder for binary data, supporting multiple data types and receiving roughly 13,000 weekly downloads. According to CERT\/CC, the vulnerability stems from insufficient sanitization of user-supplied values—such as parser field names and encoding parameters—when generating parser code dynamically at runtime using the Function constructor. Because the library builds JavaScript source code as a string and compiles it for execution, attacker-controlled input can be injected into the generated code, leading to arbitrary code execution within the Node.js process. Applications using only static, hard-coded parser definitions are not affected. Users are strongly advised to upgrade to version 2.3.0 and avoid passing untrusted input into parser definitions.<\/p>\n A critical Fortinet FortiSIEM vulnerability (CVE-2025-64155) with publicly available proof-of-concept exploit code is now being actively exploited in the wild. Reported by Horizon3.ai researcher Zach Hanley, the flaw combines multiple issues that allow unauthenticated attackers to perform arbitrary file writes, escalate privileges, and ultimately gain root-level code execution. Fortinet described the issue as an OS command injection vulnerability that can be triggered via crafted TCP requests. Horizon3.ai’s analysis revealed that dozens of command handlers exposed through the phMonitor service can be accessed remotely without authentication. By abusing argument injection, attackers can overwrite system files such as \/opt\/charting\/redishb.sh to execute code as root. The vulnerability affects FortiSIEM versions 6.7 through 7.5. Patches are available in newer releases, while administrators unable to update immediately are advised to restrict access to the phMonitor port (7900). Threat intelligence firm Defused has confirmed active exploitation, urging defenders to check phMonitor logs for signs of compromise.<\/p>\n North Korean threat actors behind the long-running Contagious Interview campaign are using malicious Visual Studio Code (VS Code) projects to distribute backdoors. The tactic targets software developers through fake job assessments that instruct victims to clone GitHub, GitLab, or Bitbucket repositories and open them in VS Code. When a victim trusts the repository, malicious tasks.json files are automatically executed, abusing the runOn: folderOpen option to fetch and run obfuscated JavaScript payloads hosted on Vercel. On macOS, the attack uses background shell commands to pipe remote JavaScript directly into Node.js, enabling persistent execution even after VS Code closes. The payload deploys backdoors such as BeaverTail and InvisibleFerret, enabling remote code execution, system profiling, and continuous command-and-control communication. Later stages may introduce fallback infection methods, malicious npm packages, credential theft, crypto mining, and remote access tools. Developers are urged to carefully vet repositories, review task configurations, and avoid untrusted coding tests.<\/p>\n A critical misconfiguration in AWS CodeBuild, dubbed CodeBreach by Wiz, could have enabled attackers to take over several AWS-managed GitHub repositories, including the AWS JavaScript SDK, creating a severe supply chain risk. The issue was responsibly disclosed on August 25, 2025, and fixed by AWS in September. The flaw stemmed from improperly configured CI webhook filters intended to restrict which GitHub users could trigger builds. Four AWS repositories used regex-based actor ID filters that lacked start (^) and end ($) anchors, allowing attackers to bypass restrictions by registering GitHub accounts with numeric IDs containing a trusted maintainer’s ID as a substring. Because GitHub user IDs are sequential, these IDs could be predicted and generated using automated bot accounts. By triggering a build, an attacker could access privileged GitHub tokens with admin rights, enabling direct code pushes, pull request approvals, and secret exfiltration. AWS confirmed the issue was limited to specific projects, implemented mitigations, rotated credentials, and found no evidence of exploitation in the wild.<\/p>\n",
"date_published": "2026-01-21T09:56:43+00:00",
"date_modified": "2026-01-21T09:56:36+00:00",
"_date_published_rfc2822": "Wed, 21 Jan 2026 09:56:43 +0000",
"_rss_guid_is_permalink": "false",
"_rss_guid": "233",
"_e2_data": {
"is_favourite": false,
"links_required": [],
"og_images": []
}
},
{
"id": "232",
"url": "https:\/\/blog.humanfactor.ai\/all\/devdigest-167\/",
"title": "Programmer’s Digest #167",
"content_html": " 01\/07\/2026-01\/14\/2026 Gogs Vulnerability, Microsoft Fixes 114 Windows Flaws, Critical Node.js Vulnerability And More<\/p>\n A high-severity vulnerability in the self-hosted Git service Gogs is being actively exploited, prompting an alert from CISA. The flaw is tracked as CVE-2025-8110 and carries a CVSS v4.0 score of 8.7. The issue stems from improper handling of symbolic links in Gogs’ PutContents API, allowing authenticated attackers to overwrite files outside a repository and achieve remote code execution. Wiz researchers uncovered the flaw while investigating malware infections and found it was exploited as a zero-day, bypassing earlier protections. More than 700 Gogs instances have already been compromised, and about 1,600 servers remain internet-exposed. No official patch is available yet, though fixes are pending. Until updates are released, organizations are urged to restrict access, disable open registration, and closely monitor for suspicious activity.<\/p>\n Microsoft has released its first Patch Tuesday update of 2026, fixing 114 security vulnerabilities, including one actively exploited in the wild. Eight flaws are rated Critical and 106 Important, with privilege escalation issues making up the largest category. The update ranks as the third-largest January Patch Tuesday on record.<\/p>\n The actively exploited flaw, CVE-2026-20805 (CVSS 5.5), is an information disclosure vulnerability in the Desktop Window Manager (DWM) that could help attackers undermine protections like ASLR. While exploitation details remain limited, CISA has added it to its KEV catalog, requiring U.S. federal agencies to patch by February 3, 2026.<\/p>\n Microsoft also addressed Edge browser flaws, removed vulnerable legacy Agere modem drivers, and fixed a Secure Boot certificate expiration bypass that could weaken firmware trust. Another high-priority issue is a privilege escalation flaw in Windows Virtualization-Based Security Enclave that could allow attackers to compromise core system protections.<\/p>\n Node.js has released security updates to fix a critical denial-of-service (DoS) issue that could impact “virtually every production Node.js app.” Tracked as CVE-2025-59466 (CVSS 7.5), the flaw occurs when stack space is exhausted in user code while async_hooks is enabled. Instead of throwing a catchable error, Node.js may abruptly exit with code 7, allowing attackers to crash applications using unsanitized, recursion-based input. The issue affects many popular frameworks and monitoring tools that rely on AsyncLocalStorage, including React Server Components, Next.js, and major APM platforms such as Datadog and New Relic. All Node.js versions from 8.x through 18.x are impacted, though only supported releases have been patched.<\/p>\n Fixes are available in Node.js 20.20.0, 22.22.0, 24.13.0, and 25.3.0. Node.js also addressed three additional high-severity vulnerabilities involving data leakage, file access via symlinks, and remote DoS. Users are strongly urged to update promptly.<\/p>\n Trend Micro has patched three security vulnerabilities in its Apex Central on-premise management console that could enable remote code execution (RCE) or denial-of-service (DoS) attacks. The flaws, discovered by Tenable in August 2025 and tracked as CVE-2025-69258, CVE-2025-69259, and CVE-2025-69260, affect Windows installations running Apex Central versions prior to Build 7190.<\/p>\n The most critical issue, CVE-2025-69258 (CVSS 9.8), is a LoadLibraryEx RCE vulnerability that allows an unauthenticated attacker to load a malicious DLL and execute code with SYSTEM privileges. Tenable released proof-of-concept exploit code demonstrating the attack. The other two flaws, both rated 7.5, are DoS vulnerabilities caused by an unchecked NULL return value and an out-of-bounds read, respectively. 12\/31\/2026-01\/07\/2026 ISE Security Vulnerability, Ni8mare Flaw Gives Unauthenticated Control Of n8n Instances, New Veeam Vulnerabilities And More<\/p>\n Cisco has issued patches for a medium-severity flaw, CVE-2026-20029 (CVSS: 4.9), in its Identity Services Engine (ISE) and ISE Passive Identity Connector. This vulnerability, present in the licensing feature, allows an authenticated administrator to read arbitrary files via malicious XML uploads. A public proof-of-concept exploit is available. Affected versions include releases earlier than 3.2 and specific 3.2 to 3.4 releases; version 3.5 is not vulnerable. No workarounds exist. Concurrently, Cisco fixed two other medium-severity Snort 3 bugs—CVE-2026-20026 (denial-of-service) and CVE-2026-20027 (information disclosure)—affecting multiple products. Given frequent targeting of Cisco vulnerabilities, users must apply updates promptly for protection.<\/p>\n A critical vulnerability in the n8n workflow automation platform, tracked as CVE-2026-21858 (CVSS 10.0) and dubbed Ni8mare, allows unauthenticated attackers to fully compromise affected instances. Discovered by Cyera researchers, the flaw enables arbitrary file read by abusing how n8n Webhooks handle uploaded data in certain form-based workflows.<\/p>\n The issue arises when workflows process files without validating the request’s Content-Type. Attackers can craft non-multipart requests and manually define file paths, tricking n8n into copying and exposing sensitive system files such as \/etc\/passwd. With access to configuration files and the local SQLite database, attackers can extract authentication secrets, forge an admin session cookie, and bypass login protections.<\/p>\n Once authenticated as an admin, attackers can achieve full remote code execution using built-in workflow nodes. The vulnerability affects all n8n versions up to 1.65.0 and was fixed in version 1.121.0 (November 2025). A compromised n8n instance can expose credentials, tokens, and connected systems, making the impact severe.<\/p>\n Veeam has released security updates to fix multiple flaws in its Backup & Replication (VBR) software, including a high-severity remote code execution vulnerability tracked as CVE-2025-59470. The flaw affects Veeam Backup & Replication version 13.0.1.180 and all earlier v13 builds.<\/p>\n The vulnerability allows attackers with Backup or Tape Operator roles to achieve remote code execution as the postgres user by sending malicious parameters. While initially rated critical, Veeam downgraded the issue to high severity because exploitation requires highly privileged access. Two additional flaws were also fixed: CVE-2025-55125 (high) and CVE-2025-59468 (medium), both enabling RCE under specific conditions.<\/p>\n The issues were patched in Veeam Backup & Replication 13.0.1.1071, released on January 6. VBR is widely used by enterprises and managed service providers and is frequently targeted by ransomware groups, as compromising backup servers can enable data theft and prevent recovery.<\/p>\n Users of the @adonisjs\/bodyparser npm package are urged to update after disclosure of a critical path traversal vulnerability that could allow arbitrary file writes on servers. Tracked as CVE-2026-21440 (CVSS 9.2), the flaw affects AdonisJS multipart file uploads when developers use MultipartFile.move() without sanitizing filenames or providing the options parameter.<\/p>\n In such cases, attackers can supply crafted filenames containing traversal sequences, enabling them to write files outside the intended upload directory and potentially overwrite sensitive files. If application code or configuration files are overwritten and later executed, remote code execution may be possible, depending on deployment and permissions. The issue affects versions ≤10.1.1 and ≤11.0.0-next.5, and is fixed in 10.1.2 and 11.0.0-next.6.<\/p>\n The disclosure coincides with another high-severity path traversal flaw in jsPDF (CVE-2025-68428, CVSS 9.2), patched in version 4.0.0, which could expose arbitrary local files in Node.js environments.<\/p>\n Researchers have uncovered a nine-month-long campaign targeting IoT devices and web applications to build the RondoDox botnet. As of December 2025, attackers are exploiting React2Shell (CVE-2025-55182, CVSS 10.0), a critical flaw in React Server Components and Next.js that enables unauthenticated remote code execution, according to CloudSEK.<\/p>\n Shadowserver estimates 90,000+ instances remain vulnerable worldwide, with the majority in the U.S. RondoDox, active since early 2025, has expanded by abusing multiple N-day flaws, including CVE-2023-1389 and CVE-2025-24893. The campaign evolved from manual scanning to large-scale automated exploitation.<\/p>\n Recent attacks scan for vulnerable Next.js servers and deploy crypto miners, botnet loaders, and a Mirai variant. One tool aggressively removes competing malware and establishes persistence via cron jobs. Mitigations include patching Next.js, isolating IoT devices, deploying WAFs, monitoring suspicious processes, and blocking known C2 infrastructure.<\/p>\n",
"date_published": "2026-01-08T18:46:54+00:00",
"date_modified": "2026-01-08T18:48:13+00:00",
"_date_published_rfc2822": "Thu, 08 Jan 2026 18:46:54 +0000",
"_rss_guid_is_permalink": "false",
"_rss_guid": "231",
"_e2_data": {
"is_favourite": false,
"links_required": [],
"og_images": []
}
},
{
"id": "230",
"url": "https:\/\/blog.humanfactor.ai\/all\/devdigest-165\/",
"title": "Programmer’s Digest #165",
"content_html": " 12\/17\/2025-12\/24\/2025 Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution, New UEFI Flaw Enables Early-Boot DMA Attacks And More<\/p>\n A critical security vulnerability has been disclosed in the n8n workflow automation platform that could allow arbitrary code execution under certain conditions. The flaw, tracked as CVE-2025-68613, has a CVSS score of 9.9 It has approximately 57,000 weekly downloads on npm. According to the maintainers, expressions provided by authenticated users during workflow configuration may be evaluated in an execution context that is not properly isolated from the underlying runtime. An authenticated attacker could exploit this behavior to execute arbitrary code with the privileges of the n8n process, potentially leading to full system compromise, including data theft, workflow manipulation, and system-level operations. The vulnerability affects all versions from 0.211.0 up to but not including 1.120.4 and has been patched in 1.120.4, 1.121.1, and 1.122.0. Users are strongly urged to update immediately or restrict workflow permissions and harden deployments if patching is delayed.<\/p>\n CISA has added a critical WatchGuard Firebox OS vulnerability, CVE-2025-14733 (CVSS 9.3), to its KEV catalog after active exploitation was confirmed. The flaw is an out-of-bounds write issue in WatchGuard Fireware OS that can be exploited remotely and without authentication via exposed IKEv2 VPN services. When Mobile User VPN or Branch Office VPN with IKEv2 is configured using a dynamic gateway peer, specially crafted network traffic can trigger improper memory handling, allowing attackers to execute arbitrary code on affected Firebox devices. The vulnerability impacts multiple Fireware OS branches, including 11.10.2–11.12.4_Update1, 12.0–12.11.5, and 2025.1–2025.1.3, putting VPN gateways at risk of full compromise. WatchGuard has released patches, Indicators of Attack, and mitigation guidance. CISA has ordered federal agencies to remediate the flaw by December 26, 2025. Organizations are strongly urged to apply updates immediately, rotate secrets after patching, and restrict exposure if fixes cannot be deployed at once.<\/p>\n Certain motherboard models from ASRock, ASUS, GIGABYTE, and MSI are affected by a firmware vulnerability that exposes systems to early-boot DMA attacks despite UEFI and IOMMU protections being enabled. Discovered by Nick Peterson and Mohamed Al-Sharifi of Riot Games, the flaw stems from firmware incorrectly reporting that DMA protection is active while failing to initialize the IOMMU during early boot.<\/p>\n This gap allows a malicious PCIe DMA-capable device with physical access to read or modify system memory before the operating system and its security controls load, potentially enabling pre-boot code injection and undermining system integrity. CERT\/CC warns attackers could access sensitive data or alter the system’s initial state.<\/p>\n The issue affects multiple Intel and AMD chipset families and is tracked under CVE-2025-14304, CVE-2025-11901, CVE-2025-14302, and CVE-2025-14303, each with a CVSS score of 7.0. Vendors are releasing firmware updates to fix IOMMU initialization. Users are strongly advised to apply patches promptly, especially in environments where physical access cannot be fully controlled.<\/p>\n SonicWall has released a hotfix for a local privilege escalation vulnerability, CVE-2025-40602, affecting Secure Mobile Access (SMA) 1000 appliances and warned that the flaw has been exploited in the wild. The vulnerability was reportedly chained with CVE-2025-23006 to achieve unauthenticated remote code execution with root privileges. CVE-2025-23006, patched in January 2025, is a deserialization of untrusted data flaw in the Appliance and Central Management Consoles that allows unauthenticated attackers to execute OS commands. The newly disclosed CVE-2025-40602 also impacts the Appliance Management Console and, due to missing authorization checks, enables attackers with local access to escalate privileges to root when chained with the earlier bug.<\/p>\n SonicWall credited researchers from Google’s Threat Intelligence Group for reporting the issue, though no indicators of compromise have been shared. Customers are urged to upgrade to 12.4.3-03245 or 12.5.0-02283 and restrict management interface access. Even if earlier patches are applied, deploying the latest updates remains essential to fully mitigate the risk.<\/p>\n",
"date_published": "2025-12-24T09:40:10+00:00",
"date_modified": "2025-12-24T09:40:26+00:00",
"_date_published_rfc2822": "Wed, 24 Dec 2025 09:40:10 +0000",
"_rss_guid_is_permalink": "false",
"_rss_guid": "230",
"_e2_data": {
"is_favourite": false,
"links_required": [],
"og_images": []
}
},
{
"id": "229",
"url": "https:\/\/blog.humanfactor.ai\/all\/devdigest-164\/",
"title": "Programmer’s Digest #164",
"content_html": " 12\/10\/2025-12\/17\/2025 New React RSC Vulnerabilities, Hackers Exploit GitHub, New PCPcat Exploiting React2Shell Vulnerability And More<\/p>\n The React team has released fixes for newly discovered flaws in React Server Components (RSC) that could lead to denial-of-service (DoS) attacks or source code exposure. The issues were uncovered by security researchers while probing patches for CVE-2025-55182, a critical RSC vulnerability that has already been exploited in the wild. Two vulnerabilities, CVE-2025-55184 and CVE-2025-67779 (both CVSS 7.5), enable pre-authentication DoS through unsafe deserialization that can trigger infinite loops and hang server processes. A third issue, CVE-2025-55183 (CVSS 5.3), may allow attackers to retrieve Server Function source code via crafted HTTP requests under specific conditions. The flaws affect multiple 19.x versions of react-server-dom packages. Researchers RyotaK, Shinsaku Nomura, and Andrew MacPherson reported the issues. Users are strongly advised to upgrade to versions 19.0.3, 19.1.4, or 19.2.3 to mitigate risk.<\/p>\n Hackers are abusing GitHub by creating fake repositories that impersonate OSINT, GPT, and DeFi tools to distribute PyStoreRAT, a modular remote access trojan designed for data theft and system control. Active since mid-2025, the campaign primarily targets cybersecurity professionals, developers, and cryptocurrency users who trust open-source platforms for tooling. The attackers publish seemingly legitimate Python or JavaScript projects, often promoted on X and YouTube, and artificially inflate stars and forks to build credibility. After users run the code, hidden loaders fetch HTA files from remote servers, ultimately installing PyStoreRAT. In many cases, malicious code is injected later through “maintenance” commits, allowing repositories to appear benign for weeks or months.<\/p>\n Once deployed, PyStoreRAT enables credential and wallet theft, keylogging, and remote command execution while using obfuscation and encrypted communications to evade detection. Researchers warn this campaign highlights growing supply-chain risks on GitHub and recommend strict repository verification, behavioral monitoring, and isolated testing environments as key defenses.<\/p>\n Multiple critical vulnerabilities have been disclosed in the FreePBX platform, including a severe authentication bypass flaw.<\/p>\n Discovered by Horizon3.ai, the three primary flaws are:<\/p>\n These easily exploitable issues permit remote code execution. Updates have been released: CVE-2025-61675\/61678 are fixed in versions 16.0.92\/17.0.6, and CVE-2025-66039 in 16.0.44\/17.0.23.<\/p>\n As mitigation, FreePBX advises setting “Authorization Type” to “usermanager” and disabling “Override Readonly Settings.” The “webserver” auth type is now considered legacy and offers reduced security; its configuration option has been removed from the UI. Users should analyze systems where it was enabled for signs of compromise.<\/p>\n A new malware campaign dubbed PCPcat has compromised more than 59,000 servers in under 48 hours by exploiting critical vulnerabilities in Next.js and React environments. The attacks abuse two flaws—CVE-2025-29927 and CVE-2025-66478—that enable unauthenticated remote code execution through prototype pollution and command injection.<\/p>\n PCPcat scans public-facing Next.js applications at scale, testing around 2,000 targets per batch every 30–60 minutes, and has achieved an unusually high success rate of 64.6%. Once a vulnerable server is identified, the malware extracts environment files, cloud credentials, SSH keys, and command histories, exfiltrating the data via simple HTTP requests. The operation is coordinated through a command-and-control server in Singapore using three ports: 666 for payload delivery, 888 for reverse tunnels, and 5656 for core management. To maintain persistence, PCPcat installs proxy and tunneling tools, allowing attackers to retain access even after patches are applied.<\/p>\n Threat actors are actively exploiting two critical authentication bypass flaws in Fortinet FortiGate devices, tracked as CVE-2025-59718 and CVE-2025-59719 (CVSS 9.8), which affect FortiOS and other products. These vulnerabilities allow attackers to bypass single sign-on protections using crafted SAML messages when FortiCloud SSO is enabled. This feature is enabled by default during FortiCare registration, leaving many organizations unknowingly exposed. In observed attacks, malicious SSO logins from specific hosting providers have been used to gain administrative access, export full device configurations, and steal hashed credentials. Although these hashes require cracking, weak or reused passwords remain vulnerable. CISA has added CVE-2025-59718 to its Known Exploited Vulnerabilities catalog, mandating federal agencies to patch by December 23rd, 2025. To mitigate risk, organizations should immediately apply updates, change all passwords, and restrict management interface access to trusted internal networks only.<\/p>\n",
"date_published": "2025-12-17T14:03:29+00:00",
"date_modified": "2025-12-17T14:03:25+00:00",
"_date_published_rfc2822": "Wed, 17 Dec 2025 14:03:29 +0000",
"_rss_guid_is_permalink": "false",
"_rss_guid": "229",
"_e2_data": {
"is_favourite": false,
"links_required": [],
"og_images": []
}
},
{
"id": "228",
"url": "https:\/\/blog.humanfactor.ai\/all\/devdigest-163\/",
"title": "Programmer’s Digest #163",
"content_html": " 12\/03\/2025-12\/10\/2025 Critical RSC Bugs in React and Next.js; Malicious VS Code, Go, npm, and Rust Packages; Critical Apache Tika Vulnerability And More<\/p>\n2. Two Chrome Zero-Days Exploited in the Wild: What CVE-2026-3909 and CVE-2026-3910 Mean for Your Business<\/a><\/h2>\n
3. N8n Patches Critical Remote Code Execution Vulnerability (CVE-2026-33660<\/a>)<\/h2>\n
4. TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files<\/a><\/h2>\n
5. LiteLLM PyPI Compromise Triggers Mercor Breach — AI Supply Chain Under Fire<\/a><\/h2>\n
\nMercor, an AI recruiting and training-data startup, has confirmed it was “one of thousands of companies” hit by the attack. The attackers were only caught because of a small bug in their code that caused a massive memory leak.<\/p>\n6. LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks<\/a><\/h2>\n
1. Next.js Middleware Authorization Bypass CVE-2025-29927 Exploited in the Wild <\/a><\/h2>\n
2. Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks<\/a><\/h2>\n
3. Firefox 149 Patches Three Critical Memory Corruption Flaws Including a 9.8 CVE in the JavaScript Engine<\/a><\/h2>\n
4. Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages<\/a><\/h2>\n
5. API Attack Rates Double Year-over-Year; Akamai Report Flags Behavior-Based Threats as New Normal<\/a><\/h2>\n
1. AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE<\/a><\/h2>\n
\nSeparately, a flaw in LangSmith (CVE-2026-25750) allowed token theft and account takeover via malicious links, now patched. Meanwhile, critical vulnerabilities in SGLang could enable remote code execution through unsafe deserialization, highlighting growing security risks in AI infrastructure.<\/p>\n2. CISA Flags Wing FTP Server Flaw as Actively Exploited in Attacks<\/a><\/h2>\n
\nTracked as CVE-2025-47813, the flaw allows low-privileged attackers to reveal the application’s installation path through error messages. While not critical alone, it can be chained with other vulnerabilities, including an RCE flaw (CVE-2025-47812) and a password disclosure bug.<\/p>\n3. Python Repositories Compromised in GlassWorm Aftermath<\/a><\/h2>\n
4. Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation<\/a><\/h2>\n
5. CISA Adds n8n RCE Flaw to List of Known Exploited Vulnerabilities<\/a><\/h2>\n
1. Five Malicious Rust Crates and AI Bot Exploit CI\/CD Pipelines to Steal Developer Secrets<\/a><\/h2>\n
2. CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited<\/a><\/h2>\n
3. GhostClaw Poses As OpenClaw To Steal Sensitive Developer Data<\/a><\/h2>\n
4. OpenAI Rolls Out Codex Security Vulnerability Scanner<\/a><\/h2>\n
5. UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours<\/a><\/h2>\n
1. CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog<\/a><\/h2>\n
2. Fake Next.js Job Interview Tests Backdoor Developer’s Devices<\/a><\/h2>\n
3. North Korean-Linked Hackers Target Developers Through 26 Suspicious npm Packages in New Cyber Campaign<\/a><\/h2>\n
4. New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel<\/a><\/h2>\n
5. Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens<\/a><\/h2>\n
1. SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution<\/a><\/h2>\n
\n
\n-CVE-2025-40539 & CVE-2025-40540: Type confusion flaws enabling execution of native code as root;
\n-CVE-2025-40541: Insecure direct object reference (IDOR) allowing native code execution as root.<\/li>\n<\/ul>\n2. Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens<\/a><\/h2>\n
3. Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems<\/a><\/h2>\n
4. Wormable XMRig Campaign Leverages BYOVD and Timed Kill Switch For Stealth<\/a><\/h2>\n
1. CISA Flags Four Security Flaws Under Active Exploitation in Latest KEV Update<\/a><\/h2>\n
2. Patch Immediately: BeyondTrust Remote Code Execution Flaw Exploited in the Wild<\/a><\/h2>\n
3. Malicious npm and PyPI Packages Linked to Lazarus APT Fake Recruiter Campaign<\/a><\/h2>\n
4. 83 % of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure<\/a><\/h2>\n
5. Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024<\/a><\/h2>\n
1. Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution<\/a><\/h2>\n
2. Microsoft Patches 59 Vulnerabilities Including Six Actively Exploited Zero-Days<\/a><\/h2>\n
3. Threat Actors Publish Malicious dYdX Packages to npm and PyPI Repositories<\/a><\/h2>\n
4. Open Source Security Gets AI Boost As Claude Detects 500+ Critical Issues<\/a><\/h2>\n
5. Critical n8n Flaws Disclosed Along With Public Exploits<\/a><\/h2>\n
1. Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata<\/a><\/h2>\n
2. Hackers Exploit Critical React Native Metro Bug to Breach Dev Systems<\/a><\/h2>\n
3. Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm<\/a><\/h2>\n
4. Ivanti Patches Exploited EPMM Zero-Days<\/a><\/h2>\n
5. SolarWinds Web Help Desk Vulnerability Actively Exploited<\/a><\/h2>\n
6. Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution<\/a><\/h2>\n
1. CISA Adds Four Critical Vulnerabilities to KEV Catalog Following Active Exploitation<\/a><\/h2>\n
2. CISA Says Critical VMware RCE Flaw Now Actively Exploited<\/a><\/h2>\n
3. Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected<\/a><\/h2>\n
4. Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas<\/a><\/h2>\n
5. Malicious AI Extensions On VSCode Marketplace Steal Developer Data<\/a><\/h2>\n
1. Actively Exploited Critical Flaw in Modular DS WordPress Plugin Enables Admin Takeover<\/a><\/h2>\n
2. CERT\/CC Warns Binary-parser Bug Allows Node.js Privilege-Level Code Execution<\/a><\/h2>\n
3. Hackers Exploiting Critical Fortinet FortiSIEM Flaw in Attacks<\/a><\/h2>\n
4. North Korea-Linked Hackers Target Developers via Malicious VS Code Projects<\/a><\/h2>\n
5. AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks<\/a><\/h2>\n
1. CISA Flags Actively Exploited Gogs Vulnerability With No Patch<\/a><\/h2>\n
2. Microsoft Fixes 114 Windows Flaws in January 2026 Patch, One Actively Exploited<\/a><\/h2>\n
3. Critical Node.js Vulnerability Can Cause Server Crashes via async_hooks Stack Overflow<\/a><\/h2>\n
4. Trend Micro Fixed a Remote Code Execution in Apex Central<\/a><\/h2>\n
\nTrend Micro addressed all three issues in Critical Patch Build 7190 and urges customers to apply updates promptly and restrict remote access.<\/p>\n",
"date_published": "2026-01-14T19:03:26+00:00",
"date_modified": "2026-01-14T19:03:19+00:00",
"_date_published_rfc2822": "Wed, 14 Jan 2026 19:03:26 +0000",
"_rss_guid_is_permalink": "false",
"_rss_guid": "232",
"_e2_data": {
"is_favourite": false,
"links_required": [],
"og_images": []
}
},
{
"id": "231",
"url": "https:\/\/blog.humanfactor.ai\/all\/devdigest-166\/",
"title": "Programmer’s Digest #166",
"content_html": "1. Cisco Patches ISE Security Vulnerability After Public PoC Exploit Release<\/a><\/h2>\n
2. Ni8mare Flaw Gives Unauthenticated Control Of n8n Instances<\/a><\/h2>\n
3. New Veeam Vulnerabilities Expose Backup Servers to RCE Attacks<\/a><\/h2>\n
4. Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers<\/a><\/h2>\n
5. RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers<\/a><\/h2>\n
1. Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances<\/a><\/h2>\n
2. U.S. CISA Adds a Flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities Catalog<\/a><\/h2>\n
3. New UEFI Flaw Enables Early-Boot DMA Attacks on ASRock, ASUS, GIGABYTE, MSI Motherboards<\/a><\/h2>\n
4. Exploited SonicWall Zero-Day Patched (CVE-2025-40602<\/a>)<\/h2>\n
1. New React RSC Vulnerabilities Enable DoS and Source Code Exposure<\/a><\/h2>\n
2. Hackers Exploit GitHub with Fake Repos to Spread PyStoreRAT Malware<\/a><\/h2>\n
3. FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE<\/a><\/h2>\n
\n
4. New PCPcat Exploiting React2Shell Vulnerability to compromise 59,000+ Servers<\/a><\/h2>\n
5. Fortinet Firewalls Under Active Attack<\/a><\/h2>\n