
cyfar.ca

DFIR, deception, detection. Posts I wrote, intel my pipeline summarized, and redacted writeups from the fleet.

5 days ago · Recap · May 18 – May 25

Weekly Recap — 2026-05-18 -> 2026-05-25

Software Supply Chain and AI Exploitation Dominate Threat Landscape

The software supply chain has become the primary battlefield for attackers because compromising a single developer tool can cascade into thousands of enterprise networks. Campaigns like Mini Shai-Hulud and TrapDoor are stealing credentials and injecting backdoors across major code registries, while the Laravel Lang Compromise and the Coruna Exploit Kit show how malicious code can automatically execute to steal secrets or exploit end users. As a result, organizations must treat developer environments as high-value targets, because a single compromised package or malicious VS Code extension can lead to catastrophic breaches like the GitHub internal repository theft by TeamPCP.

In parallel, artificial intelligence is simultaneously accelerating attacks and creating dangerous new attack surfaces. Threat actors are using AI to automate influence campaigns like Patriot Bait and crack passwords, while also impersonating AI tools like Gemini CLI and Claude Code to deliver infostealers. Furthermore, attackers are directly targeting exposed AI infrastructure, such as Ollama AI endpoints, and manipulating AI coding assistants via hidden prompt injections in campaigns like TrapDoor, which means AI systems are both the weapon and the target.

These trends together suggest that traditional perimeter defenses are failing against supply chain and AI-driven threats. Managers should immediately enforce strict vetting of open-source packages, restrict developer access to unverified extensions, and ensure AI infrastructure is not exposed to the public internet.

Socket · 6 days ago · LLM report · critical

TrapDoor Crypto Stealer Supply Chain Attack Hits 34 Packages and Hundreds of Versions Across npm, PyPI, and Crates.io

The TrapDoor campaign is a sophisticated supply chain attack targeting crypto, DeFi, and AI developers across npm, PyPI, and Crates.io. The threat actor deployed over 34 malicious packages that utilize ecosystem-specific execution methods to steal credentials, wallets, and SSH keys, while uniquely leveraging AI configuration files like .cursorrules to trick AI assistants into executing exfiltration workflows.

CISA · 6 days ago · LLM report · medium

ABB Terra AC Wallbox

ABB Terra AC Wallbox (JP) versions 1.8.33 and prior are affected by multiple buffer overflow vulnerabilities (CVE-2025-10504, CVE-2025-12142, CVE-2025-12143) with a CVSS score of 6.1. Successful exploitation requires a threat actor to hijack the Bluetooth connection, potentially allowing them to pollute memory, alter firmware behavior, and take remote control of the device.

CISA · 6 days ago · LLM report · critical

ABB B&R Automation Studio

ABB has disclosed multiple vulnerabilities in B&R Automation Studio versions prior to 6.5, stemming from an outdated third-party SQLite component. These flaws, which include heap-based buffer overflows and integer overflows, could potentially be exploited to achieve remote code execution, data exposure, or denial of service, though no active exploitation has been observed.

Check Point · 6 days ago · LLM report · critical

18th May – Threat Intelligence Report

This threat intelligence report highlights a surge in ransomware activity, critical zero-day vulnerabilities in Windows, and the active exploitation of Cisco Catalyst SD-WAN controllers. Additionally, it details emerging AI-driven threats, including malicious Hugging Face repositories and the abuse of AI website generators for phishing, alongside an APT intrusion by FamousSparrow targeting the energy sector.

ANY.RUN · 6 days ago · LLM report · high

Top 5 Phishing-Driven Social Engineering Attacks on Companies in 2026

Modern social engineering attacks have evolved to closely mimic legitimate business workflows, utilizing techniques like ClickFix, OAuth device code abuse, and in-browser blob phishing. These tactics bypass traditional security controls and create "gray-zone" alerts that require deep behavioral analysis to determine the true scope of compromise, such as credential theft, token abuse, or RMM deployment.

Zscaler ThreatLabz · 7 days ago · LLM report · info

The Agentic Wave: Deliberate Innovation

The article discusses the rapid enterprise adoption of agentic AI and emphasizes the need for deliberate innovation and governance. It highlights ACSC guidelines advocating for the integration of AI services into a Modern Defensible Architecture using principles like least privilege, segmentation, comprehensive logging, and human-in-the-loop oversight to mitigate the risks of autonomous compromise.

Socket · 7 days ago · LLM report · medium

AI Has Taken Over Open Source

The integration of AI coding tools has fundamentally altered the open-source ecosystem, driving an exponential increase in npm package creation and automating dependency selection. This shift transforms the software supply chain into an automated black box, bypassing traditional human review processes and elevating the risk of supply chain malware infections, thereby requiring automated behavioral analysis for mitigation.

Socket · 7 days ago · LLM report · high

Malicious Postinstall Hook Found Across 700+ GitHub Repositories, Including Packagist and Node.js Projects

A widespread supply chain attack compromised hundreds of GitHub repositories by injecting malicious postinstall scripts into package.json files and GitHub Actions workflows. The payload uses curl to download a remote Linux binary disguised as an SSH daemon, primarily targeting PHP projects that bundle JavaScript build tools to bypass standard Composer dependency reviews.

Zscaler ThreatLabz · 8 days ago · LLM report · info

When the Scanner Starts Thinking: Learnings from Mythos & GPT 5.5 Cyber in Security Testing

Frontier AI models such as Anthropic Mythos and OpenAI GPT 5.5 Cyber represent a paradigm shift in security testing by leveraging multi-step reasoning to chain vulnerabilities and misconfigurations into viable attack paths. Zscaler's evaluation demonstrates that these models significantly outperform legacy tools in speed and accuracy when embedded in structured testing harnesses, though they require careful contextual grounding to avoid severity inflation or pattern anchoring. Organizations are advised to implement Zero Trust architectures and deception technologies to mitigate the accelerated threat posed by AI-enabled adversaries.

Socket · 8 days ago · LLM report · high

npm Invalidates Granular Access Tokens as Mini Shai-Hulud Sweeps the Registry

In response to the ongoing Mini Shai-Hulud supply chain campaign, npm has invalidated all granular access tokens that bypass two-factor authentication. The threat actors have been harvesting credentials from CI/CD environments to automate the publishing of malicious package versions, successfully bypassing existing controls like OIDC Trusted Publishing. To provide a more robust defense, npm has introduced an opt-in Staged Publishing feature that requires interactive MFA approval for automated releases.

Palo Alto Networks · 8 days ago · LLM report · high

Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns

Unit 42 identified an active cyberespionage campaign by the Iran-nexus APT group Screening Serpens, targeting entities in the U.S., Israel, and the Middle East. The threat actor deployed two new RAT families, MiniUpdate and MiniJunk V2, utilizing advanced AppDomainManager hijacking and DLL sideloading to evade native .NET security mechanisms like ETW. The attacks rely on highly tailored social engineering lures, such as fake job portals and video conferencing updates, to initiate the infection chain and establish persistent command and control.

Check Point · 8 days ago · LLM report · high

Fast and Furious – Nimbus Manticore Operations During the Iranian Conflict

Iranian threat actor Nimbus Manticore (UNC1549) conducted a series of campaigns in early 2026 utilizing AppDomain Hijacking, SEO poisoning, and task hijacking to deploy the new MiniFast backdoor. The group demonstrated rapid toolset evolution, likely aided by AI-assisted development, targeting the aviation and software sectors across the US, Europe, and the Middle East.

Trend Micro · 8 days ago · LLM report · high

Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware

Void Dokkaebi has updated its InvisibleFerret malware by compiling the original Python scripts into Cython binaries (.pyd for Windows, .so for macOS) to evade traditional script-based detection. The campaign utilizes a multi-stage BeaverTail JavaScript infection chain to deliver these binaries, targeting software developers to steal cryptocurrency wallet credentials, establish backdoor access, and downgrade browser security controls.

Trail of Bits · 8 days ago · LLM report · info

We hardened zizmor's GitHub Actions static analyzer

Trail of Bits collaborated with the maintainers of zizmor, a GitHub Actions static analyzer, to improve its parsing capabilities and robustness. By testing against a massive corpus of real-world workflows, they identified and fixed multiple YAML anchor handling bugs, deserialization edge cases, and expression evaluator flaws, significantly enhancing zizmor's ability to detect CI/CD misconfigurations.

Palo Alto Networks · 8 days ago · LLM report · high

Paved With Intent: ROADtools and Nation-State Tactics in the Cloud

ROADtools is an open-source Python framework designed for Entra ID exploration that has been co-opted by nation-state threat actors like APT29 and APT33. Attackers leverage its modules to conduct extensive directory reconnaissance, register rogue devices for persistence, and manipulate OAuth tokens to bypass interactive authentication controls such as MFA. Detection relies on identifying anomalous Microsoft Graph API queries, unusual user-agent strings, and default device registration artifacts.

Kaspersky · 8 days ago · LLM report · high

Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload

The Cloud Atlas APT group has updated its toolset in 2025-2026 campaigns targeting Russia and Belarus, utilizing LNK-based phishing to deploy VBCloud and PowerShower backdoors. The group establishes persistent access by patching termsrv.dll for concurrent RDP sessions and heavily relies on reverse SSH, RevSocks, and Tor for redundant C2 channels. Additionally, a new PowerShell tool named PowerCloud is used to exfiltrate administrator data to Google Sheets.

Socket · 8 days ago · LLM report · critical

Coruna Respawned: Compromised art-template npm Package Leads to iOS Browser Exploit Kit

A supply chain attack compromising the widely-used npm package 'art-template' was discovered delivering the Coruna exploit kit to iOS devices. The injected JavaScript acts as a sophisticated watering hole framework, utilizing extensive anti-bot fingerprinting and WebAssembly memory probes to deliver version-specific WebKit RCE exploits targeting Safari on iOS 11.0 through 17.2.