
Weekly Recap — 2026-05-18 -> 2026-05-25

Software Supply Chain and AI Exploitation Dominate Threat Landscape

The software supply chain has become the primary battlefield for attackers because compromising a single developer tool can cascade into thousands of enterprise networks. Campaigns like Mini Shai-Hulud and TrapDoor are stealing credentials and injecting backdoors across major code registries, while the Laravel Lang Compromise and the Coruna Exploit Kit show how malicious code can automatically execute to steal secrets or exploit end users. As a result, organizations must treat developer environments as high-value targets, because a single compromised package or malicious VS Code extension can lead to catastrophic breaches like the GitHub internal repository theft by TeamPCP.

In parallel, artificial intelligence is simultaneously accelerating attacks and creating dangerous new attack surfaces. Threat actors are using AI to automate influence campaigns like Patriot Bait and crack passwords, while also impersonating AI tools like Gemini CLI and Claude Code to deliver infostealers. Furthermore, attackers are directly targeting exposed AI infrastructure, such as Ollama AI endpoints, and manipulating AI coding assistants via hidden prompt injections in campaigns like TrapDoor, which means AI systems are both the weapon and the target.

These trends together suggest that traditional perimeter defenses are failing against supply chain and AI-driven threats. Managers should immediately enforce strict vetting of open-source packages, restrict developer access to unverified extensions, and ensure AI infrastructure is not exposed to the public internet.

By the Numbers

  • Total articles: 56
  • By severity: Critical: 9, High: 35, Informational: 4, Low: 1, Medium: 7
  • By category: APT: 6, data breach: 2, general security news: 11, malware: 19, phishing/social engineering: 4, threat actor: 1, vulnerability: 13

Top Threats

Software Supply Chain Compromise

Attackers are aggressively targeting open-source repositories and developer tools because a single compromised package can grant access to thousands of downstream networks. As a result, campaigns like Mini Shai-Hulud and TrapDoor are bypassing traditional perimeter defenses by hijacking the inherent trust developers place in code libraries and CI/CD pipelines.

Defense Evasion and EDR Blinding

Threat actors are increasingly focused on blinding security tools like EDR and AV because it allows them to operate freely within a network without triggering alerts. Techniques like BYOVD, NTFS junction loops (GhostTree), and malware-signing-as-a-service (Fox Tempest) let attackers disable or bypass defenses, resulting in delayed detection and easier ransomware deployment.

AI as an Attack Vector and Target

Artificial intelligence is collapsing the cost of cyberattacks while simultaneously introducing new vulnerabilities, because attackers can now automate social engineering and password cracking at scale. In parallel, exposed AI endpoints like Ollama and manipulated AI coding assistants are being targeted to steal computing power and source code, which means organizations must secure their AI infrastructure just as rigorously as their traditional networks.

  • CVE-2026-9082 (3 mentions) — A critical SQL injection vulnerability in Drupal core that is actively being exploited in the wild to bypass authentication and steal data. Sources: 1, 2, 3
  • Technology / Software Development — The technology sector, specifically software development, is under immense pressure as attackers shift left to poison the software supply chain and target developer credentials. Because developers hold the keys to enterprise infrastructure, compromises in open-source packages and developer tools are leading to massive downstream breaches. Sources: 1, 2, 3, 4
  • Financial Services — Financial services are facing a dual threat from sophisticated banking trojans like Banana RAT and massive DDoS attacks leveraging AI-enabled botnets. As a result, banks must defend against both stealthy credential theft targeting instant payment systems and brute-force infrastructure disruptions. Sources: 1, 2

Notable Incidents

  • GitHub Internal Repositories Breached — Highlights how a malicious VS Code extension compromised a GitHub employee, leading to the theft of 3,800 internal repositories and proving that developer workstations are highly vulnerable initial access vectors.
  • Laravel Lang Compromise — Over 700 versions of a popular Laravel translation package were backdoored to steal cloud and CI/CD secrets, demonstrating the massive blast radius of single-point failures in the open-source supply chain.