CIRCLE WITH A DOT

(socket.dev) Large-Scale npm Supply Chain Attack Targets TanStack Packages with Credential-Stealing MalwareNew large-scale npm supply chain attack targets @tanstack packages with credential-stealing malware. 84 compromised packages detected, exfiltrating CI/CD secrets via obfuscated payloads.In brief - The Mini Shai-Hulud campaign compromised 84 @tanstack npm packages, embedding malware that steals GitHub Actions tokens and environment variables. Over 12M weekly downloads amplify risk to CI/CD pipelines and developer workstations. TanStack has begun mitigation by unpublishing affected versions.Technically - Attackers inserted heavily obfuscated `router_init.js` into packages, using string-array rotation, control-flow flattening, and spawn-based daemonization to exfiltrate `GITHUB*` env vars. Malicious `tanstack_runner.js` executed via npm `prepare` hook, exploiting orphaned GitHub commits to bypass OIDC token protections. Payload detected within 6 minutes of publication, indicating active monitoring of the attack chain.Source: https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack#Cybersecurity #ThreatIntel

THREAT INTEL | https://sibillacapital.com/ Actor "incransom" claims Undisclosed️ Unverified claimhttps://www.yazoul.net/intel/claim/2026-05-10-sibilla-capital-ransomware-attack-by-inc-ransom-may-2026#DarkWeb #DataBreach #ThreatIntel #CyberSecurity #InfoSec

(bishopfox.com) Confused Deputy Attacks in AI Agents: Mechanics, Case Studies, and Layered MitigationsNew research highlights the growing risk of confused deputy attacks targeting AI agents, where attackers manipulate systems into executing malicious actions using their own privileges. These attacks exploit trust relationships and tool access to bypass security controls, enabling data exfiltration and privilege escalation.In brief - Confused deputy attacks leverage seemingly legitimate inputs (e.g., support tickets, emails) to trick AI agents into performing unauthorized actions. High-profile incidents like EchoLeak and ConfusedPilot demonstrate real-world impact, emphasizing the need for layered mitigations such as least-privilege access and network egress controls.Technically - Attackers embed malicious instructions in attacker-controlled content, which AI agents process via Multi-Tool Processing (MCP) servers. Techniques include Insecure Direct Object Reference (IDOR) and metadata service exploitation to escalate privileges. Case studies show Microsoft Copilot processing crafted emails to exfiltrate data or interpreting malicious calendar invites to expose private information. Mitigations include per-task tool restrictions, least-privilege principles, and egress controls to limit data exfiltration. Attackers can also bypass generative AI guardrails by directly targeting MCP servers, underscoring the need for robust security at both AI and infrastructure layers.Source: https://bishopfox.com/blog/otto-support-confused-deputy#Cybersecurity #ThreatIntel

(medium.com) From Image Trading to Sextortion: How Minor Communities Become Entry Points for Child ExploitationNew research exposes a structured sextortion pipeline targeting minors via "trading" communities, escalating to financial blackmail and NCII with fatal outcomes reported by FBI/NCMEC.In brief - Analysis of 1,000 sextortion accounts reveals minors are recruited in public spaces using coded language, redirected to encrypted platforms (Telegram/Discord), and coerced into sharing intimate material. Offenders exploit fluid movement between public/private interactions, normalizing exploitation. Early behavioral detection is critical to disrupt these networks.Technically - The attack vector leverages multi-stage exploitation: (1) Recruitment via age-specific signals in public comments, (2) Redirection to private channels, (3) Escalation to NCII/sextortion. Research highlights comment-based detection as effective for identifying recruitment patterns before coercion. Platform abuse compresses exploitation stages, evading content moderation. Cross-platform intelligence sharing is needed to counter encrypted messaging risks.Source: https://medium.com/intelligence-alice/from-image-trading-to-sextortion-c4ae1553643c#Cybersecurity #ThreatIntel

(akamai.com) Akamai Mitigates Local Privilege Escalation Vulnerability in Guardicore Platform Agent for macOS and LinuxCritical local privilege escalation flaw (CVE-2026-34354) patched in Akamai Guardicore Platform Agent for macOS/Linux. Exploitation via TOCTOU in HandleSaveLogs() enables symlink attacks on root-owned files, plus command injection in gimmelogs diagnostic tool.In brief - Akamai fixed a severe local privilege escalation vulnerability in Guardicore Agent for macOS/Linux. Attackers could manipulate symlinks or inject commands to escalate privileges. Patch immediately.Technically - CVE-2026-34354 involves a TOCTOU race condition in HandleSaveLogs() where IPC sockets in /tmp allow symlink attacks on root files. The gimmelogs tool also had command injection via dbstore. Local access required; remote exploitation not possible. Updates mitigate both vectors.Source: https://www.akamai.com/blog/security-research/2026/may/advisory-cve-2026-34354-guardicore-local-privilege-escalation#Cybersecurity #ThreatIntel

@iampytest1 where did you see the stuff about 313 team? Afaik I've only seen attribution to shiny hunters - and the defacement clearly linked to them as well.

(malwarebytes.com) Security Risks of Browser Password Managers: Why Microsoft Edge's Design Raises ConcernsMicrosoft Edge loads the entire password vault into plaintext process memory at startup—a design choice that enables post-compromise credential harvesting. Unlike Chrome, Edge lacks app-bound encryption and decrypts all passwords on launch, persisting them in memory.In brief - Microsoft Edge’s password manager design exposes plaintext credentials in memory at startup, increasing risk of post-compromise harvesting. This contrasts with Chrome’s on-demand decryption and app-bound key protections.Technically - Research by @L1v1ng0ffTh3L4N reveals Edge decrypts the full password vault into process memory upon launch, unlike Chromium peers that decrypt only when needed (e.g., autofill). This behavior, acknowledged by Microsoft as ‘by design,’ allows infostealers with elevated privileges to extract credentials via memory reads. A PoC demonstrates exploitation without requiring zero-days, aligning with broader findings on password manager memory leaks.Source: https://www.malwarebytes.com/blog/news/2026/05/microsoft-says-edges-plaintext-password-behavior-is-by-design#Cybersecurity #ThreatIntel

THREAT INTEL | Soprolux🟢 Actor "bravox" claims Undisclosed️ Unverified claimhttps://www.yazoul.net/intel/claim/2026-05-08-soprolux-ransomware-attack-by-bravox-may-2026#DarkWeb #DataBreach #ThreatIntel #CyberSecurity #InfoSec

New security advisory:CVE-2026-42826 affects multiple systems.• Impact: Remote code execution or complete system compromise possible• Risk: Attackers can gain full control of affected systems• Mitigation: Patch immediately or isolate affected systemsFull breakdown:https://www.yazoul.net/advisory/cve/cve-2026-42826-azure-devops-leaks-credentials#CVE #ZeroDay #ThreatIntel

(socket.dev) Critical Sandbox Escape Vulnerability in vm2 JavaScript Library Exposes Node.js Applications to Arbitrary Command ExecutionCritical sandbox escape in vm2 (CVE-2026-26956, GHSA-ffh4-j6h5-pg66) enables arbitrary command execution via WebAssembly.JSTag in Node.js applications. Affects vm2 0.2.2–3.10.4 on runtimes exposing WebAssembly.JSTag.In brief - A critical flaw in the vm2 JavaScript sandboxing library allows attackers to bypass sandbox restrictions, access the host Node.js process, and execute arbitrary OS commands. The vulnerability impacts 66 versions of vm2 and requires immediate patching or mitigation via Certified Patches.Technically - The vulnerability stems from insufficient isolation of WebAssembly.JSTag in vm2’s sandbox, allowing malicious JavaScript passed to VM.run() to escape and interact with the host process. Fixed in vm2 3.10.5 by removing WebAssembly.JSTag from the sandbox. Socket’s Certified Patches offer a targeted fix for teams unable to upgrade immediately. Review sandboxed workloads for least-privilege access and stronger isolation.Source: https://socket.dev/blog/free-certified-patches-for-critical-vm2-sandbox-escape#Cybersecurity #ThreatIntel

(huntress.com) Threat Actors Exploit Tiflux RMM in Phishing Campaigns for Stealthy Persistence and Privilege EscalationThreat actors are actively exploiting Tiflux, a commercial RMM tool, in phishing campaigns for initial access and persistence since late February. The campaign chains Tiflux with UltraVNC, Splashtop, and ScreenConnect for covert operations.In brief - Huntress researchers identified a surge in incidents involving Tiflux RMM abuse via phishing. The installer includes vulnerable components like HwRwDrv.sys, enabling privilege escalation and system compromise. Organizations must monitor RMM tool usage to prevent unauthorized access.Technically - The attack begins with a phishing email leading to a CloudFlare CAPTCHA-protected page delivering a malicious MSI installer. The installer deploys TiAgent, TiPeerToPeer, and outdated UltraVNC (v1.2.0.1) with hardcoded credentials. Vulnerable drivers (HwRwDrv.sys) and registry modifications disable security notifications, while additional RMM tools (Splashtop, ScreenConnect) facilitate credential theft and system profiling. Expired certificates and SSH host keys further indicate malicious intent.Source: https://www.huntress.com/blog/tiflux-rmm-install#Cybersecurity #ThreatIntel

(wordfence.com) Weekly WordPress Vulnerability Report: Analysis of 87 Newly Disclosed Plugin and Theme VulnerabilitiesThis week’s WordPress vulnerability report discloses 87 new flaws in plugins/themes, including 3 critical, 34 high, and 50 medium-severity issues. XSS (30) and missing authorization (19) dominate the threat landscape, with SQLi (10) and SSRF (3) also present. Firewall rules deployed for premium users; free users protected after 30 days. 84 patched, 3 unpatched.In brief - WordPress ecosystems face significant risk from 87 newly disclosed vulnerabilities, primarily XSS and missing authorization flaws. Immediate patching and monitoring are critical to mitigate exposure.Technically - The report details 87 vulnerabilities (CWE-mapped) with CVSS-rated severity: 3 critical, 34 high, 50 medium. XSS (CWE-79) and missing authorization (CWE-862) lead, followed by SQLi (CWE-89), sensitive data exposure (CWE-200), and SSRF (CWE-918). Wordfence Intelligence deployed enhanced firewall rules for premium users; free-tier protection delayed 30 days. Data sourced from in-house research, bug bounties, and public disclosures.Source: https://www.wordfence.com/blog/2026/05/wordfence-intelligence-weekly-wordpress-vulnerability-report-april-27-2026-to-may-3-2026/#Cybersecurity #ThreatIntel

We want to see urlDNA in more tools. ️If you’re building something and want to hook it up to our API, we’d love to help you make it happen.See what’s already live here: https://github.com/urldna/integrationsSend us a DM and let’s chat!#urldna #cti #infosec #threatintel #secops

(pushsecurity.com) Inside the Phishing Panels: How ShinyHunters and BlackFile Operators Leverage Real-Time Vishing and AITM AttacksIn brief - Threat actors ShinyHunters and BlackFile are leveraging phishing panels like Doko’s Panel to conduct real-time vishing and AITM attacks, bypassing MFA and compromising enterprise identity providers (Okta, Microsoft Entra) and cryptocurrency exchanges. These campaigns, active since August 2025, demonstrate the professionalization of vishing-as-a-service and the use of LLM-generated code to lower the barrier for cybercriminals.Technically - The phishing panels employ manual AITM techniques, using client-side JavaScript (e.g., `client.js`) to establish real-time C2 via Telegram channels. Variants exhibit distinct C2 protocols (e.g., heartbeat/check_redirect), UUID generation methods, and backend endpoints. Four infrastructure clusters were identified, each with unique domain patterns and hosting providers. The panels show LLM artifacts, such as verbose comments and broken function duplication. Detection is hindered by gated landing pages, anti-bot checks, and operator-approval requirements, complicating automated scanning efforts.Source: https://pushsecurity.com/blog/inside-criminal-phishing-panel/#Cybersecurity #ThreatIntel

️ We’re seeing an ongoing phishing campaign targeting hotels and hosts, impersonating messages from 'Booking.com' - see sample image below.Here’s what we know so far: ️ Emails appear to target actual 'Booking.com' host email addresses, which may indicate that recipient data was obtained from a previous breach - the timing is particularly relevant given the 'Booking.com' data breach last month (see article - https://www.bbc.co.uk/news/articles/cly00jnnxypo). ️ While the emails appear to come from 'Booking.com', they are actually sent via compromised accounts. ️ Messages typically reference a “complaint” or “special request” requiring urgent action. ️ Links often use URL shorteners or services like 'share.google' to hide phishing pages ️ Goal is to steal login credentials or payment details through fake portalsThese phishing emails are very convincing, so extra caution is prudent - here are some steps you can take to reduce risk: Be cautious of urgency or pressure in booking-related emails Avoid clicking shortened or unfamiliar links Verify requests by logging into the platform directly Report suspicious emails internally or to the platform provider#CyberSecurity #Phishing #ThreatIntel #InfoSec #BookingCom

(hackerone.com) Exposure Debt: The Growing Gap Between Vulnerability Discovery and Remediation in the AI EraIn brief - AI-driven vulnerability discovery has surged 76% YoY, but remediation capacity lags, creating a 21x backlog growth in unresolved vulnerabilities. Critical-severity backlogs increased 25x, with resolution rates dropping below 40%. Exposure debt is widening as MTTR improvements fail to offset discovery velocity, increasing breach risk.Technically - HackerOne data shows a 76% rise in submissions due to AI-assisted discovery, while resolution rates fell 46% despite an 80% MTTR improvement. Critical vulnerabilities now face a 25x backlog, with resolution rates plummeting from 83% to <40%. The misalignment between discovery velocity and remediation capacity demands AI-driven solutions for fix generation, automated regression testing, and scalable workflows to close the gap.Source: https://www.hackerone.com/blog/finding-fast-fixing-slow-rising-exposure-debt#Cybersecurity #ThreatIntel

As a chaser, here are two other CVEs on Ollama from yesterday.https://discourse.ifin.network/t/cve-2026-42248-cve-2026-42249-ollama-on-windows-doesnt-verify-updates-writes-anywhere/378

(wordfence.com) Critical Authenticated Arbitrary File Upload Vulnerability Patched in Slider Revolution WordPress PluginCritical RCE vulnerability (CVE pending) in Slider Revolution WordPress plugin (7.0.0–7.0.10) allows authenticated attackers with subscriber+ access to upload malicious files via flawed `library.load.image` AJAX action. Exploitation enables webshell deployment and full site compromise.In brief - A severe authenticated arbitrary file upload flaw in Slider Revolution (5M+ installs) permits RCE. Patch to 7.0.11 immediately; WordFence users are protected via firewall rules.Technically - The vulnerability stems from insufficient validation in `_check_file_path()` within `RevSliderAddons`, allowing attackers to bypass extension checks via `data[0][id]` parameter. The `download_url()` function in `RevSliderLoadBalancer` writes attacker-supplied files to public directories. Requires leaked nonce and subscriber access. Partial fix in 7.0.10; full remediation in 7.0.11.Source: https://www.wordfence.com/blog/2026/05/authenticated-arbitrary-file-upload-vulnerability-patched-in-slider-revolution-7-wordpress-plugin/#Cybersecurity #ThreatIntel

(microsoft.com) Evolution of ClickFix: How Threat Actors Exploit macOS Terminal Commands to Distribute InfostealersIn brief - Threat actors are exploiting macOS Terminal commands via social engineering to distribute infostealers (MacSync, SHub Stealer, AMOS). These attacks bypass Gatekeeper, harvest sensitive data (Keychain, crypto wallets, browser creds), and replace legitimate wallet apps with trojanized versions. High-risk campaign leveraging native utilities for stealth and persistence.Technically - The ClickFix campaign uses multi-stage execution paths (loader, script, helper) to deploy malware via obfuscated Terminal commands. Techniques include:- Gatekeeper bypass via `curl`/`osascript` for in-memory execution- Persistence via LaunchAgents/Daemons- Data exfil via HTTP POST/Telegram C2- Anti-VM checks in Mach-O payloads- Dynamic C2 discovery (Telegram fallback)- Cryptocurrency wallet trojanizationMonitor Terminal activity, outbound downloads, and script execution to detect.Source: https://www.microsoft.com/en-us/security/blog/2026/05/06/clickfix-campaign-uses-fake-macos-utilities-lures-deliver-infostealers/#Cybersecurity #ThreatIntel

New.Abnormal Security: Tycoon2FA Rebounds Post-Takedown with 6 Layers of Obfuscation https://abnormal.ai/blog/tycoon2fa-post-takedown-rebuild #infoec #threatintel #threatintelligence