<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Diego Diaz</title>
    <description>The latest articles on DEV Community by Diego Diaz (@alejandxr).</description>
    <link>https://dev.to/alejandxr</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F4027515%2Ff89c6046-a521-4637-8043-a0c805e32802.png</url>
      <title>DEV Community: Diego Diaz</title>
      <link>https://dev.to/alejandxr</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/alejandxr"/>
    <language>en</language>
    <item>
      <title>Iran's Nimbus Manticore Deploys AI-Assisted MiniFast Backdoor via Phishing and SEO Poisoning</title>
      <dc:creator>Diego Diaz</dc:creator>
      <pubDate>Tue, 14 Jul 2026 01:17:01 +0000</pubDate>
      <link>https://dev.to/alejandxr/irans-nimbus-manticore-deploys-ai-assisted-minifast-backdoor-via-phishing-and-seo-poisoning-5go5</link>
      <guid>https://dev.to/alejandxr/irans-nimbus-manticore-deploys-ai-assisted-minifast-backdoor-via-phishing-and-seo-poisoning-5go5</guid>
      <description>&lt;p&gt;&lt;strong&gt;An Iranian state-sponsored hacking group is using artificial intelligence to build backdoors, then delivering them through poisoned Google search results and phishing emails targeting the aviation and software sectors.&lt;/strong&gt; The campaign, attributed to &lt;strong&gt;Nimbus Manticore&lt;/strong&gt; (also tracked as Screening Serpens and UNC1549), represents a notable escalation in both tradecraft and toolchain: AI-assisted malware development combined with SEO poisoning at scale.&lt;/p&gt;

&lt;h2&gt;
  
  
  What Happened
&lt;/h2&gt;

&lt;p&gt;Research published in May 2026 by &lt;a href="https://thehackernews.com/2026/05/iranian-hackers-deploy-minifast-and.html" rel="noopener noreferrer"&gt;The Hacker News&lt;/a&gt; and &lt;a href="https://aviatrix.ai/threat-research-center/iranian-hackers-deploy-minifast-and-minijunk-v2-via-phishing-and-seo-poisoning/" rel="noopener noreferrer"&gt;Aviatrix Threat Research&lt;/a&gt; linked Nimbus Manticore to a sustained espionage campaign targeting &lt;strong&gt;aviation and software organizations across the United States, Europe, and the Middle East&lt;/strong&gt;. The group — widely assessed as affiliated with Iran's Islamic Revolutionary Guard Corps (IRGC) — deployed two malware families: &lt;strong&gt;MiniFast&lt;/strong&gt;, a compact backdoor built with AI assistance, and &lt;strong&gt;MiniJunk V2&lt;/strong&gt;, an updated variant of a previously documented loader.&lt;/p&gt;

&lt;p&gt;The campaign follows the joint U.S.-Israeli military operation against Iran earlier in 2026, suggesting the espionage push is at least in part retaliatory intelligence gathering. As &lt;a href="https://www.enigma-global.com/news/29207" rel="noopener noreferrer"&gt;Enigma Global&lt;/a&gt; reported, the lures impersonate legitimate organizations in the aviation and software sectors, using fake job offers, security alerts, and software download pages as initial infection vectors.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Dual-Channel Delivery Chain
&lt;/h2&gt;

&lt;p&gt;What makes this campaign operationally significant is its &lt;strong&gt;dual delivery infrastructure&lt;/strong&gt;: phishing and SEO poisoning working in parallel.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Phishing arm:&lt;/strong&gt; Targets receive carefully crafted emails impersonating recruiters, security teams, or vendor contacts. Attachments or links lead to trojanized installers — including a &lt;strong&gt;fake Oracle SQL Developer&lt;/strong&gt; package, as &lt;a href="https://gbhackers.com/iranian-apt-uses-seo-poisoning/" rel="noopener noreferrer"&gt;GBHackers&lt;/a&gt; documented. The SQL Developer lure is particularly clever: developers and DBAs routinely download tooling from web sources, making the trojanized package a high-confidence infection vector.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;SEO poisoning arm:&lt;/strong&gt; The group manipulates search engine results to rank malicious pages above legitimate ones. When targets search for common enterprise tools, vendor documentation, or aviation-sector resources, the poisoned results appear at the top. Users click what looks like a legitimate download page and receive the malware payload instead. As &lt;a href="https://netcrook.com/written_article?slug=minifast-minijunk-v2-seo-poisoning&amp;amp;lang=en" rel="noopener noreferrer"&gt;NetCrook&lt;/a&gt; noted, this technique "meets users where they already expect to download tools" — bypassing email security entirely.&lt;/p&gt;

&lt;p&gt;The infection chain follows a staged approach documented by Check Point Research:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;
&lt;strong&gt;February 2026:&lt;/strong&gt; AppDomain hijacking used to deliver MiniJunk loader&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;March 2026:&lt;/strong&gt; MiniFast backdoor deployed as the primary persistence mechanism&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Ongoing:&lt;/strong&gt; SEO poisoning distributes trojanized Oracle SQL Developer and other fake tools&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  AI-Assisted Malware: The MiniFast Factor
&lt;/h2&gt;

&lt;p&gt;The most technically notable aspect of this campaign is the use of &lt;strong&gt;AI-assisted development for the MiniFast backdoor&lt;/strong&gt;. According to &lt;a href="https://aviatrix.ai/threat-research-center/iranian-hackers-deploy-minifast-and-minijunk-v2-via-phishing-and-seo-poisoning/" rel="noopener noreferrer"&gt;Aviatrix's analysis&lt;/a&gt;, MiniFast exhibits code patterns consistent with AI-generated output — including unusual variable naming conventions, redundant but functionally correct logic blocks, and boilerplate structures that differ from the group's historically hand-crafted tooling.&lt;/p&gt;

&lt;p&gt;This does not mean the malware is AI-written from scratch. Rather, it suggests Nimbus Manticore is using large language models to accelerate development: generating boilerplate, suggesting evasion techniques, or translating proof-of-concept exploits into deployable backdoors faster than manual coding would allow. The operational impact is clear: faster iteration, more variants, and a shorter window between vulnerability disclosure and weaponized exploit.&lt;/p&gt;

&lt;h2&gt;
  
  
  Impact
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Sectors at risk:&lt;/strong&gt; Aviation, software development, and by extension any organization whose employees download development tools from the web&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Geographic scope:&lt;/strong&gt; United States, Europe, and the Middle East&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Delivery channels:&lt;/strong&gt; Phishing email + SEO poisoning (dual-channel, defense-in-depth bypass)&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Attribution:&lt;/strong&gt; Nimbus Manticore / Screening Serpens / UNC1549 (IRGC-affiliated)&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Malware families:&lt;/strong&gt; MiniFast (AI-assisted backdoor), MiniJunk V2 (loader)&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Context:&lt;/strong&gt; Escalation following joint U.S.-Israeli military operation against Iran&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  How to Protect Yourself
&lt;/h2&gt;

&lt;ol&gt;
&lt;li&gt;
&lt;strong&gt;Verify software downloads.&lt;/strong&gt; Always download development tools (SQL Developer, VS Code extensions, etc.) from official vendor sites or verified package managers. Check digital signatures on installers before execution.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Monitor search results for SEO poisoning.&lt;/strong&gt; Train employees — especially developers and DBAs — to verify URLs before downloading. SEO poisoning is invisible to email security tools because the initial vector is a search engine, not an inbox.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Block AppDomain hijacking.&lt;/strong&gt; Monitor for unusual .NET AppDomain activity, particularly when legitimate applications load unexpected assemblies. Endpoint detection rules for AppDomain manipulation can catch the MiniJunk delivery stage.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Deploy behavioral detection for MiniFast.&lt;/strong&gt; Signature-based detection lags behind AI-assisted malware variants. Behavioral rules — detecting unusual process injection, credential access, or C2 beaconing patterns — are more effective against rapidly iterated backdoors.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Restrict outbound connections from developer workstations.&lt;/strong&gt; MiniFast establishes command-and-control connections. Network-level egress filtering limits the attacker's ability to exfiltrate data even if the initial infection succeeds.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Monitor for IRGC-nexus threat actor IOCs.&lt;/strong&gt; Check Point Research, Aviatrix, and Enigma Global have published indicators of compromise for this campaign. Ingest these IOCs into your threat intelligence platform and SIEM.&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  The Bigger Picture
&lt;/h2&gt;

&lt;p&gt;The Nimbus Manticore campaign is a case study in how state-sponsored threat actors are adapting to the AI era. The dual-channel delivery (phishing + SEO poisoning) shows operational maturity. The use of AI-assisted malware development signals a shift in the speed and scale at which APTs can iterate on tooling.&lt;/p&gt;

&lt;p&gt;For defenders, the takeaway is clear: the attack surface is no longer just the inbox. It is the search engine, the download page, the developer toolchain. As AI lowers the barrier to building capable malware, the advantage shifts further toward volume and speed — and the organizations that survive will be the ones that assume every download is hostile until proven otherwise.&lt;/p&gt;

</description>
      <category>nimbusmanticore</category>
      <category>minifast</category>
      <category>seopoisoning</category>
      <category>phishing</category>
    </item>
    <item>
      <title>NGINX Rift: CVE-2026-42945 — An 18-Year-Old Heap Overflow Now Under Active Exploitation</title>
      <dc:creator>Diego Diaz</dc:creator>
      <pubDate>Tue, 14 Jul 2026 00:17:01 +0000</pubDate>
      <link>https://dev.to/alejandxr/nginx-rift-cve-2026-42945-an-18-year-old-heap-overflow-now-under-active-exploitation-in1</link>
      <guid>https://dev.to/alejandxr/nginx-rift-cve-2026-42945-an-18-year-old-heap-overflow-now-under-active-exploitation-in1</guid>
      <description>&lt;p&gt;&lt;strong&gt;It lived in NGINX's source code for 18 years before anyone noticed. Now it has a CVE, a codename, a public proof-of-concept, and active exploitation in the wild.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;CVE-2026-42945&lt;/strong&gt;, dubbed &lt;strong&gt;NGINX Rift&lt;/strong&gt;, is a heap buffer overflow vulnerability in &lt;code&gt;ngx_http_rewrite_module&lt;/code&gt; — one of the most widely used modules in the NGINX web server ecosystem. With a CVSS score of &lt;strong&gt;9.2&lt;/strong&gt;, it allows unauthenticated attackers to crash NGINX worker processes via crafted HTTP requests, and may enable full remote code execution when ASLR (Address Space Layout Randomization) is disabled on the target system.&lt;/p&gt;

&lt;p&gt;As of May 26, 2026, VulnCheck and &lt;a href="https://thehackernews.com/2026/05/nginx-cve-2026-42945-exploited-in-wild.html" rel="noopener noreferrer"&gt;multiple researchers&lt;/a&gt; have confirmed active exploitation in the wild — just days after public disclosure.&lt;/p&gt;

&lt;h2&gt;
  
  
  What Is NGINX Rift?
&lt;/h2&gt;

&lt;p&gt;The vulnerability is a &lt;strong&gt;heap buffer overflow&lt;/strong&gt; in the &lt;code&gt;ngx_http_rewrite_module&lt;/code&gt;, the module responsible for NGINX's &lt;code&gt;rewrite&lt;/code&gt; directive. This module is foundational — it handles URL rewriting, redirections, and conditional request routing for virtually every NGINX deployment.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://nvd.nist.gov/vuln/detail/CVE-2026-42945" rel="noopener noreferrer"&gt;According to the NVD entry&lt;/a&gt;, an unauthenticated attacker can exploit this flaw by sending crafted HTTP requests that trigger the overflow in the worker process heap. The immediate effect is a &lt;strong&gt;worker process crash&lt;/strong&gt; (denial of service), but the underlying heap corruption opens the door to &lt;strong&gt;arbitrary code execution&lt;/strong&gt; on systems where ASLR does not provide sufficient protection — such as older kernels, containers with ASLR disabled, or embedded deployments.&lt;/p&gt;

&lt;p&gt;What makes this vulnerability architecturally alarming: the rewrite module is not optional. It is compiled into NGINX by default and is used in the vast majority of configurations. If you run NGINX and use &lt;code&gt;rewrite&lt;/code&gt; directives (or any framework/framework plugin that generates them), your attack surface includes this code path.&lt;/p&gt;

&lt;h2&gt;
  
  
  18 Years in the Wild Before Disclosure
&lt;/h2&gt;

&lt;p&gt;&lt;a href="https://thehackernews.com/2026/05/18-year-old-nginx-rewrite-module-flaw.html" rel="noopener noreferrer"&gt;Researchers traced the vulnerable code back to 2008&lt;/a&gt;, making this an 18-year-old bug that survived every audit, fuzzing pass, and security review NGINX has undergone in nearly two decades. That timeline means the flaw was present through NGINX's explosive growth period, powering an estimated 30-40% of the world's web servers at peak adoption.&lt;/p&gt;

&lt;p&gt;The &lt;a href="https://kkm-mako.com/en/blog/articles/nginx-rift-cve-2026-42945/" rel="noopener noreferrer"&gt;Makko technical analysis&lt;/a&gt; confirms the vulnerability can be triggered under specific rewrite configurations by an unauthenticated remote attacker. A &lt;strong&gt;working proof-of-concept exploit is publicly available&lt;/strong&gt;, lowering the barrier for opportunistic exploitation significantly.&lt;/p&gt;

&lt;h2&gt;
  
  
  Impact: DoS Today, RCE Tomorrow
&lt;/h2&gt;

&lt;p&gt;The confirmed and theoretical impact breaks down as follows:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Denial of Service (confirmed):&lt;/strong&gt; Crafted requests crash NGINX worker processes. Repeated exploitation can exhaust the worker pool, taking down all services behind the NGINX instance.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Remote Code Execution (conditional):&lt;/strong&gt; On systems where ASLR is disabled — common in containers, IoT devices, older Linux kernels, or misconfigured cloud instances — heap corruption can be weaponized for code execution with the privileges of the NGINX worker (typically &lt;code&gt;www-data&lt;/code&gt; or &lt;code&gt;nginx&lt;/code&gt; user).&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Affected products:&lt;/strong&gt; NGINX Open Source and NGINX Plus. &lt;a href="https://knightli.com/en/2026/05/15/nginx-rift-cve-2026-42945/" rel="noopener noreferrer"&gt;KnightLi's analysis&lt;/a&gt; documents specific version ranges and rewrite configurations that trigger the overflow.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;CVSS 9.2&lt;/strong&gt; — rated Critical. Unauthenticated, low complexity, no user interaction required.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;The active exploitation confirmation from &lt;a href="https://www.securityweek.com/exploitation-of-critical-nginx-vulnerability-begins/" rel="noopener noreferrer"&gt;SecurityWeek and VulnCheck&lt;/a&gt; means this is not theoretical. Attackers are scanning for and hitting unpatched NGINX instances &lt;em&gt;right now&lt;/em&gt;.&lt;/p&gt;

&lt;h2&gt;
  
  
  How to Protect Yourself
&lt;/h2&gt;

&lt;p&gt;If you run NGINX — in production, staging, or even development — act on this today:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;
&lt;strong&gt;Upgrade your NGINX packages immediately.&lt;/strong&gt; Patches are available for both NGINX Open Source and NGINX Plus. Check your vendor's advisory for the correct patched version for your deployment. If you cannot upgrade immediately, see the mitigation in step 4.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Audit your rewrite directives.&lt;/strong&gt; Review every &lt;code&gt;rewrite&lt;/code&gt; block in your NGINX configurations. The KnightLi analysis documents which specific rewrite patterns are most dangerous — audit those first.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Enable and verify ASLR.&lt;/strong&gt; Ensure ASLR is active on all systems running NGINX: &lt;code&gt;cat /proc/sys/kernel/randomize_va_space&lt;/code&gt; should return &lt;code&gt;2&lt;/code&gt;. This does not prevent the DoS but blocks the code-execution path.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Apply virtual patching if you cannot upgrade immediately.&lt;/strong&gt; Use a WAF (ModSecurity, AWS WAF, Cloudflare) to block crafted HTTP requests that match the exploit signature. Akamai published pattern details you can use to craft WAF rules.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Monitor worker process health.&lt;/strong&gt; Set up alerting for NGINX worker restarts and crash spikes. A single crash may be noise; a pattern of crashes on a production instance is exploitation.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Scan your exposure.&lt;/strong&gt; Run VulnCheck, Qualys, or Nessus scans against your NGINX instances to confirm you are not running a vulnerable version. Do not assume your cloud provider has patched this for you unless they have explicitly confirmed it.&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  The Bigger Pattern
&lt;/h2&gt;

&lt;p&gt;NGINX Rift is part of an uncomfortable trend in 2026: &lt;strong&gt;critical vulnerabilities discovered in foundational open-source code after more than a decade of undetected existence.&lt;/strong&gt; The 18-year dormancy of this heap overwrite mirrors similar discoveries in cURL (CVE-2023-38545, 9 months preview), xz (CVE-2024-3094, 2 years planted), and now NGINX's rewrite core.&lt;/p&gt;

&lt;p&gt;These are not bugs in obscure edge-case features. They are bugs in the infrastructure that the internet runs on — and attackers are getting faster at weaponizing disclosed vulnerabilities. The window between disclosure and active exploitation has collapsed from weeks to &lt;strong&gt;days&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;If you run NGINX, patch today. Not tomorrow. Today.&lt;/p&gt;

</description>
      <category>nginx</category>
      <category>cve202642945</category>
      <category>rce</category>
      <category>heapoverflow</category>
    </item>
    <item>
      <title>TrapDoor: 34+ Malicious Packages Hit npm, PyPI, and Crates.io in Coordinated Supply Chain Attack</title>
      <dc:creator>Diego Diaz</dc:creator>
      <pubDate>Mon, 13 Jul 2026 23:17:01 +0000</pubDate>
      <link>https://dev.to/alejandxr/trapdoor-34-malicious-packages-hit-npm-pypi-and-cratesio-in-coordinated-supply-chain-attack-28j9</link>
      <guid>https://dev.to/alejandxr/trapdoor-34-malicious-packages-hit-npm-pypi-and-cratesio-in-coordinated-supply-chain-attack-28j9</guid>
      <description>&lt;p&gt;&lt;strong&gt;34+ malicious packages. 384+ versions. Three package ecosystems hit in coordinated waves.&lt;/strong&gt; The TrapDoor supply chain campaign, first detected on May 22, 2026, is one of the most ambitious cross-ecosystem attacks against developer infrastructure this year — and it is still actively deploying.&lt;/p&gt;

&lt;h2&gt;
  
  
  What Happened
&lt;/h2&gt;

&lt;p&gt;Starting at 8:20 PM UTC on May 22, 2026, a threat actor began publishing malicious packages across three of the world's largest open-source registries: &lt;strong&gt;npm&lt;/strong&gt; (JavaScript/Node.js), &lt;strong&gt;PyPI&lt;/strong&gt; (Python), and &lt;strong&gt;Crates.io&lt;/strong&gt; (Rust). The campaign, tracked as &lt;strong&gt;TrapDoor&lt;/strong&gt; by researchers at Socket, has sofar compromised at least 34 distinct packages spanning more than 384 published versions and artifacts.&lt;/p&gt;

&lt;p&gt;The targets were not random. The malicious packages specifically targeted developer tooling in the &lt;strong&gt;cryptocurrency, DeFi, Solana, and AI/ML ecosystems&lt;/strong&gt; — environments where a single stolen credential can drain wallets worth millions or inject backdoors into production pipelines.&lt;/p&gt;

&lt;p&gt;According to &lt;a href="https://socket.dev/blog/trapdoor-crypto-stealer-npm-pypi-crates" rel="noopener noreferrer"&gt;Socket's analysis&lt;/a&gt;, the campaign is still active as of May 26, with new packages continuing to appear across all three registries. &lt;a href="https://socradar.io/blog/trapdoor-npm-pypi-cratesio-secrets-ai-tooling" rel="noopener noreferrer"&gt;SOC Radar&lt;/a&gt; confirmed the credential-stealing payload targets environment variables, API keys, wallet seeds, and browser-stored tokens.&lt;/p&gt;

&lt;h2&gt;
  
  
  Technical Analysis: How TrapDoor Works
&lt;/h2&gt;

&lt;p&gt;What makes TrapDoor technically notable is its &lt;strong&gt;post-publication payload mutation&lt;/strong&gt; — a technique that most supply chain attacks skip entirely.&lt;/p&gt;

&lt;p&gt;On &lt;strong&gt;PyPI&lt;/strong&gt;, the malicious packages contain code that &lt;strong&gt;auto-executes on import&lt;/strong&gt;. Instead of embedding a static payload, the package immediately fetches a remote JavaScript payload from an attacker-controlled *&lt;em&gt;GitHub Pages domain&lt;code&gt;using&lt;/code&gt;node -e`. As &lt;a href="https://byteiota.com/trapdoor-supply-chain-attack-npm-pypi-crates/" rel="noopener noreferrer"&gt;ByteIota documented&lt;/a&gt;, this lets the attacker update the malware's behavior *after&lt;/em&gt; publication without pushing a new package version — a detection-evasion step that blinds static analysis tools and most registry-level scanners.&lt;/p&gt;

&lt;p&gt;On &lt;strong&gt;npm&lt;/strong&gt; and &lt;strong&gt;Crates.io&lt;/strong&gt;, the packages use similar typosquatting and dependency-confusion strategies, masquerading as legitimate utility libraries for blockchain interaction, AI model tooling, and Solana development. Once installed, the payload:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Harvests environment variables (&lt;code&gt;.env&lt;/code&gt; files, shell profiles)&lt;/li&gt;
&lt;li&gt;Extracts credentials from config files for AWS, GCP, Docker, Kubernetes&lt;/li&gt;
&lt;li&gt;Scans browser profiles for stored session tokens and crypto wallet extensions&lt;/li&gt;
&lt;li&gt;Exfiltrates collected data to attacker-controlled endpoints via HTTPS&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;a href="https://phoenix.security/trapdoor-supply-chain-ai-poisoning-npm-pypi-crates/" rel="noopener noreferrer"&gt;Phoenix Security&lt;/a&gt; noted the campaign also exhibits characteristics of &lt;strong&gt;AI poisoning&lt;/strong&gt; — several malicious packages target AI/ML pipelines where a compromised dependency could corrupt model weights or training data, not just steal credentials.&lt;/p&gt;

&lt;h2&gt;
  
  
  Impact
&lt;/h2&gt;

&lt;p&gt;The scope is difficult to quantify precisely because the attack is ongoing, but the known numbers are significant:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;34+&lt;/strong&gt; confirmed malicious packages across three ecosystems (some counts reach 36)&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;384+&lt;/strong&gt; published versions and artifacts&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Three&lt;/strong&gt; of the world's largest package registries (npm, PyPI, Crates.io)&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Four&lt;/strong&gt; high-value target sectors: crypto, DeFi, Solana blockchain, AI/ML&lt;/li&gt;
&lt;li&gt;Earliest confirmed activity: &lt;strong&gt;May 22, 2026 at 8:20 PM UTC&lt;/strong&gt; — and still active 4 days later&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;As &lt;a href="https://cybersecuritynews.com/supply-chain-trapdoor-malware/" rel="noopener noreferrer"&gt;CyberSecurityNews reported&lt;/a&gt;, the coordinated nature — hitting three ecosystems simultaneously with the same payload infrastructure — suggests a well-resourced threat actor, not an opportunistic script Kiddie. &lt;a href="https://thehackernews.com/2026/05/trapdoor-supply-chain-attack-spreads.html" rel="noopener noreferrer"&gt;The Hacker News&lt;/a&gt; confirmed the campaign spans at least 384 related versions.&lt;/p&gt;

&lt;h2&gt;
  
  
  How to Protect Yourself
&lt;/h2&gt;

&lt;p&gt;If you are a developer working with npm, PyPI, or Crates.io — especially in crypto, AI/ML, or blockchain — take these steps immediately:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;
&lt;strong&gt;Audit your dependencies.&lt;/strong&gt; Check &lt;code&gt;package.json&lt;/code&gt;, &lt;code&gt;requirements.txt&lt;/code&gt;, and &lt;code&gt;Cargo.toml&lt;/code&gt; for packages you don't recognize or that were recently added. Cross-reference against Socket's and SOC Radar's published IOCs.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Pin your dependencies&lt;/strong&gt; using lockfiles (&lt;code&gt;package-lock.json&lt;/code&gt;, &lt;code&gt;Pipfile.lock&lt;/code&gt;, &lt;code&gt;Cargo.lock&lt;/code&gt;) and verify checksums against known-good versions.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Scan for post-install scripts.&lt;/strong&gt; Any npm package with a &lt;code&gt;postinstall&lt;/code&gt; hook that reaches out to external domains during a &lt;code&gt;node -e&lt;/code&gt; call should be treated as suspicious. PyPI packages that execute network calls &lt;em&gt;on import&lt;/em&gt; are an immediate red flag.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Rotate credentials immediately&lt;/strong&gt; if you have installed any previously unknown packages in the last two weeks. Assume environment variables, API keys, and wallet seeds are compromised.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Enable 2FA on package publishing.&lt;/strong&gt; As of this week, &lt;a href="https://thehackernews.com/2026/05/npm-adds-2fa-gated-publishing-and.html" rel="noopener noreferrer"&gt;npm now requires 2FA for publishing&lt;/a&gt; — but this only protects the supply side. On the consumption side, use tools like Socket, Snyk, or Dependabot to catch malicious packages before they enter your environment.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Monitor outbound network traffic&lt;/strong&gt; from CI/CD pipelines and developer workstations. The TrapDoor payload communicates over HTTPS to attacker infrastructure — network-level detection can catch what static analysis misses.&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  The Bigger Picture
&lt;/h2&gt;

&lt;p&gt;TrapDoor is the latest in an accelerating wave of supply chain attacks targeting open-source ecosystems. It follows the &lt;a href="https://thehackernews.com/2026/05/mini-shai-hulud-worm-compromises.html" rel="noopener noreferrer"&gt;Mini Shai-Hulud worm&lt;/a&gt; that compromised TanStack and Mistral AI packages earlier this month, and the broader trend of threat actors treating package registries as primary distribution channels for malware.&lt;/p&gt;

&lt;p&gt;The cross-ecosystem nature of TrapDoor — hitting JavaScript, Python, and Rust simultaneously — signals that attackers are no longer targeting a single language community. If your organization depends on open-source software (and whose doesn't?), supply chain security is no longer optional. It is infrastructure.&lt;/p&gt;

</description>
      <category>supplychain</category>
      <category>npm</category>
      <category>pypi</category>
      <category>crates</category>
    </item>
    <item>
      <title>Gitea Container Registry Flaw Left 30,000 Private Image Repositories Wide Open for 4 Years</title>
      <dc:creator>Diego Diaz</dc:creator>
      <pubDate>Mon, 13 Jul 2026 22:17:01 +0000</pubDate>
      <link>https://dev.to/alejandxr/gitea-container-registry-flaw-left-30000-private-image-repositories-wide-open-for-4-years-3ic</link>
      <guid>https://dev.to/alejandxr/gitea-container-registry-flaw-left-30000-private-image-repositories-wide-open-for-4-years-3ic</guid>
      <description>&lt;h2&gt;
  
  
  What Happened
&lt;/h2&gt;

&lt;p&gt;For close to four years, every self-hosted Gitea instance with a private container registry had a gaping hole in its access controls: any person on the internet could pull private container images without an account, a password, or any credentials at all. The flaw, tracked as &lt;strong&gt;CVE-2026-27771&lt;/strong&gt;, was disclosed on May 27, 2026, by &lt;a href="https://www.noscope.com/blog/gitea-instances-exposing-private-container" rel="noopener noreferrer"&gt;NoScope&lt;/a&gt;, which estimates it affected more than &lt;strong&gt;30,000 deployments across over 30 countries&lt;/strong&gt;. &lt;a href="https://thehackernews.com/2026/05/gitea-vulnerability-exposes-private.html" rel="noopener noreferrer"&gt;The Hacker News&lt;/a&gt; confirmed the disclosure the same day, noting the vulnerability went undetected for close to four years.&lt;/p&gt;

&lt;p&gt;A separate but related vulnerability, &lt;strong&gt;CVE-2026-20912&lt;/strong&gt; (CVSS 9.1), was disclosed earlier in January 2026. That flaw allowed authenticated users to link attachments from private repositories to public releases, effectively smuggling sensitive files past access controls. &lt;a href="https://cvefeed.io/vuln/detail/CVE-2026-20912" rel="noopener noreferrer"&gt;CVE Feed&lt;/a&gt; scored it 9.1 (CRITICAL). Both were fixed — CVE-2026-20912 in Gitea 1.25.4, CVE-2026-27771 in 1.26.2 — but the window of exposure stretches back years for most instances.&lt;/p&gt;

&lt;h2&gt;
  
  
  Technical Analysis
&lt;/h2&gt;

&lt;p&gt;The root cause of CVE-2026-27771 is straightforward: when the Gitea container registry was configured to mark a repository as "private," the access control check was never actually enforced against unauthenticated requests. The &lt;code&gt;private&lt;/code&gt; designation on a container repository did not deliver the protection operators reasonably expected. An unauthenticated HTTP request to pull an image succeeded exactly as if the repository were public.&lt;/p&gt;

&lt;p&gt;This was not a misconfiguration. NoScope reproduced the bug on a default Gitea installation with a typical configuration. There is no evidence of a config toggle that was overlooked. The permission model in the container registry module simply failed to gate image pulls behind authentication.&lt;/p&gt;

&lt;p&gt;CVE-2026-20912 is a different class of flaw: Gitea did not validate repository ownership when linking attachments to releases. An attacker with a low-privileged account could link a file uploaded to a private repository into a release on a different, public repository, making the attachment downloadable by anyone. The fix in 1.25.4 added strict ownership checks for release asset linking.&lt;/p&gt;

&lt;h2&gt;
  
  
  Who's Affected
&lt;/h2&gt;

&lt;p&gt;NoScope's扫描 found the highest concentration of exposed instances in &lt;strong&gt;China, the United States, Germany, France, and the United Kingdom&lt;/strong&gt;. Affected organizations included healthcare providers, aerospace manufacturers, retail infrastructure companies, and internet service providers. Any sector running Gitea with its built-in container registry and marking images as private was potentially exposed.&lt;/p&gt;

&lt;p&gt;The impact of a leaked container image extends far beyond source code. A container image is a complete snapshot of a production environment: application code, dependencies, configuration files, and — all too often — hard-coded database credentials, API keys, internal service endpoints, TLS certificates, and environment variables pointing at production infrastructure. In many organizations, the image is effectively a blueprint of how production is wired together.&lt;/p&gt;

&lt;p&gt;Forks of Gitea are also at risk: &lt;strong&gt;Forgejo&lt;/strong&gt; has been confirmed vulnerable. Operators of any Gitea derivative should verify with their respective maintainers whether a patch has been backported.&lt;/p&gt;

&lt;h2&gt;
  
  
  How to Protect Yourself
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;1. Update Gitea to version 1.26.2 immediately&lt;/strong&gt; — this patches CVE-2026-27771. If you also need the CVE-2026-20912 fix, ensure you are on at least 1.25.4 (1.26.2 includes both).&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;2. If you can't patch right now, apply the workaround:&lt;/strong&gt; set &lt;code&gt;[service].REQUIRE_SIGNIN_VIEW=true&lt;/code&gt; in your Gitea configuration file. This forces authentication for all registry access. Note: this is not suitable if you intentionally expose some container images publicly, as it will block all unauthenticated pulls.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;3. Audit your container images for embedded secrets.&lt;/strong&gt; Assume any image hosted on Gitea prior to patching may have been accessed. Rotate database credentials, API keys, TLS certificates, and any other secrets that were baked into images.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;4. Scan your container registry pull logs.&lt;/strong&gt; Look for unexpected anonymous pulls of private images dating back months or years. This is the only way to determine if the flaw was actively exploited before disclosure.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;5. Review your secrets management pipeline.&lt;/strong&gt; No secret should live inside a container image in the first place. Use runtime secret injection (Kubernetes secrets, HashiCorp Vault, cloud-native secret managers) rather than baking credentials into images at build time.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Sable Angle
&lt;/h2&gt;

&lt;p&gt;This is exactly the class of vulnerability that &lt;a href="https://dev.to/pricing"&gt;Sable's offensive team&lt;/a&gt; finds during infrastructure assessments — not through automated scanning alone, but by systematically exercising the access model from every angle the surface supports. The Gitea container registry flaw lived in a feature that "behaved exactly as documented" and drew no attention on a casual review. It took a methodology that tests assumptions, not just endpoints.&lt;/p&gt;

&lt;p&gt;We have tracked similar registry and supply-chain exposures in our research on &lt;a href="https://dev.to/research/trapdoor-supply-chain"&gt;multi-ecosystem supply chain attacks&lt;/a&gt; and &lt;a href="https://dev.to/research/canisterworm-npm"&gt;self-propagating npm worms&lt;/a&gt;. The pattern is consistent: the weakest link is rarely the encryption or the firewall. It is the access control that everyone assumed was working.&lt;/p&gt;

&lt;p&gt;If your team runs Gitea, Forgejo, or any self-hosted container registry, &lt;a href="https://dev.to/pricing"&gt;book a pentest&lt;/a&gt; and let us find the gaps before someone else does.&lt;/p&gt;

</description>
      <category>cve202627771</category>
      <category>containersecurity</category>
      <category>gitea</category>
      <category>devops</category>
    </item>
    <item>
      <title>Free Scan or Full Pentest? A Decision Guide for Founders Shipping a Vibe-Coded MVP</title>
      <dc:creator>Diego Diaz</dc:creator>
      <pubDate>Mon, 13 Jul 2026 21:17:01 +0000</pubDate>
      <link>https://dev.to/alejandxr/free-scan-or-full-pentest-a-decision-guide-for-founders-shipping-a-vibe-coded-mvp-2g9m</link>
      <guid>https://dev.to/alejandxr/free-scan-or-full-pentest-a-decision-guide-for-founders-shipping-a-vibe-coded-mvp-2g9m</guid>
      <description>&lt;p&gt;Every founder shipping an AI-built MVP hits the same fork in the road the week before launch. You ran a free security scanner, it gave you a grade, and now you're staring at a decision nobody prepared you for: &lt;strong&gt;is that scan enough, or do you actually need to pay someone to break into your app?&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;This guide answers that honestly. Not "you always need a $15,000 pentest" (you usually don't) and not "a free scan is fine, ship it" (it usually isn't). The right answer depends on three things: what you built, who your first users are, and what you're storing. Let's make the decision concrete.&lt;/p&gt;

&lt;blockquote&gt;
&lt;/blockquote&gt;

&lt;p&gt;The short version: a free scan tells you whether your &lt;em&gt;front door is locked&lt;/em&gt;. A pentest tells you whether someone can &lt;em&gt;walk through the walls&lt;/em&gt;. Most pre-launch founders need the first immediately and the second before they touch real customer data. If you're storing other people's data behind a login, you've already crossed the line where "free scan only" becomes negligent.&lt;/p&gt;

&lt;h2&gt;
  
  
  What a free scan actually checks (and what it can't)
&lt;/h2&gt;

&lt;p&gt;A free security scan — including the &lt;a href="https://dev.to/free-scan"&gt;free headers scan we run&lt;/a&gt; — is an &lt;strong&gt;unauthenticated, external&lt;/strong&gt; look at your site. It hits your public URL the way an anonymous visitor (or a bot) would, and reports what it can see from the outside. That's genuinely useful, and it catches a surprising amount:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Missing security headers&lt;/strong&gt; — no HSTS, no Content-Security-Policy, no X-Frame-Options. These are the difference between "clickjacking and XSS are hard" and "clickjacking and XSS are trivial." 89% of startup sites we scan fail this.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;TLS / HTTPS misconfiguration&lt;/strong&gt; — mixed content, weak redirects, missing HTTPS enforcement.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Information leakage in responses&lt;/strong&gt; — verbose server headers, framework versions, stack traces leaking into production.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Obvious surface-level exposure&lt;/strong&gt; — a public &lt;code&gt;.env&lt;/code&gt;, an open &lt;code&gt;/admin&lt;/code&gt; with no auth, a directory listing you forgot to disable.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Here's the hard limit: &lt;strong&gt;a free scan only sees what's reachable without logging in.&lt;/strong&gt; It cannot test the logic &lt;em&gt;behind&lt;/em&gt; your auth wall, because it doesn't have an account. And the most dangerous bugs in modern MVPs — the ones that actually leak your customers' data — live entirely behind the login.&lt;/p&gt;

&lt;h2&gt;
  
  
  What a free scan will never catch
&lt;/h2&gt;

&lt;p&gt;If you built your MVP with Cursor, v0, Lovable, or Bolt, your most likely catastrophic bug is &lt;strong&gt;BOLA&lt;/strong&gt; (Broken Object-Level Authorization, also called IDOR). It's when a logged-in user can read or modify another user's data by changing an ID in a request. We scanned 100 vibe-coded apps and &lt;strong&gt;73 of them had a BOLA.&lt;/strong&gt; A free external scan finds &lt;em&gt;zero&lt;/em&gt; of them, because finding one requires logging in as User A and successfully fetching User B's records.&lt;/p&gt;

&lt;p&gt;Here's the bug that ends startups, and why a scanner can't see it:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight typescript"&gt;&lt;code&gt;&lt;span class="c1"&gt;// app/api/invoices/[id]/route.ts — the auth check is there...&lt;/span&gt;
&lt;span class="k"&gt;export&lt;/span&gt; &lt;span class="k"&gt;async&lt;/span&gt; &lt;span class="kd"&gt;function&lt;/span&gt; &lt;span class="nf"&gt;GET&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="nx"&gt;req&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt; &lt;span class="nx"&gt;params&lt;/span&gt; &lt;span class="p"&gt;})&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt;
  &lt;span class="kd"&gt;const&lt;/span&gt; &lt;span class="nx"&gt;session&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="k"&gt;await&lt;/span&gt; &lt;span class="nf"&gt;getServerSession&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="nx"&gt;authOptions&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt;
  &lt;span class="k"&gt;if &lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="o"&gt;!&lt;/span&gt;&lt;span class="nx"&gt;session&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt; &lt;span class="k"&gt;return&lt;/span&gt; &lt;span class="nx"&gt;Response&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;json&lt;/span&gt;&lt;span class="p"&gt;({&lt;/span&gt; &lt;span class="na"&gt;error&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="dl"&gt;'&lt;/span&gt;&lt;span class="s1"&gt;unauthorized&lt;/span&gt;&lt;span class="dl"&gt;'&lt;/span&gt; &lt;span class="p"&gt;},&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt; &lt;span class="na"&gt;status&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="mi"&gt;401&lt;/span&gt; &lt;span class="p"&gt;})&lt;/span&gt;

  &lt;span class="c1"&gt;// ...but the OWNERSHIP check is missing.&lt;/span&gt;
  &lt;span class="kd"&gt;const&lt;/span&gt; &lt;span class="nx"&gt;invoice&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="k"&gt;await&lt;/span&gt; &lt;span class="nx"&gt;db&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;invoice&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;findUnique&lt;/span&gt;&lt;span class="p"&gt;({&lt;/span&gt; &lt;span class="na"&gt;where&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="p"&gt;{&lt;/span&gt; &lt;span class="na"&gt;id&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt; &lt;span class="nx"&gt;params&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;id&lt;/span&gt; &lt;span class="p"&gt;}&lt;/span&gt; &lt;span class="p"&gt;})&lt;/span&gt;
  &lt;span class="k"&gt;return&lt;/span&gt; &lt;span class="nx"&gt;Response&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nf"&gt;json&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="nx"&gt;invoice&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt;
&lt;span class="p"&gt;}&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;To a scanner, that endpoint returns &lt;code&gt;401 Unauthorized&lt;/code&gt; — it looks &lt;em&gt;secure&lt;/em&gt;. To a logged-in attacker iterating &lt;code&gt;/api/invoices/1&lt;/code&gt; → &lt;code&gt;/api/invoices/2&lt;/code&gt;, it returns every customer's billing data. The fix is one clause (&lt;code&gt;where: { id: params.id, ownerId: session.user.id }&lt;/code&gt;), but no unauthenticated tool can tell you it's missing.&lt;/p&gt;

&lt;p&gt;The same blind spot applies to the rest of the bugs that matter most after launch:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Supabase / Firebase tables without Row-Level Security&lt;/strong&gt; — the public anon key in your client bundle can read tables you never meant to expose. 83% of exposed Supabase instances have this.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Privilege escalation&lt;/strong&gt; — a normal user flipping a &lt;code&gt;role&lt;/code&gt; field, or hitting an admin route that only checks "logged in," not "is admin."&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Auth-flow flaws&lt;/strong&gt; — password reset tokens that don't expire, session fixation, OAuth state that isn't validated.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Injection behind forms&lt;/strong&gt; — SQL/NoSQL injection in a search box that the scanner never authenticated past.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Business-logic abuse&lt;/strong&gt; — negative quantities, coupon stacking, race conditions on credit. No automated tool understands your business rules.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  The decision framework
&lt;/h2&gt;

&lt;p&gt;Run the free scan &lt;strong&gt;first, always.&lt;/strong&gt; It's free, it takes three seconds, and if you fail the headers check you have homework before anything else is worth doing. Then use this to decide what comes next.&lt;/p&gt;

&lt;h3&gt;
  
  
  A free scan is enough (for now) if ALL of these are true:
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Your app is a &lt;strong&gt;static or marketing site&lt;/strong&gt; with no login and no user data.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;You're &lt;strong&gt;pre-users&lt;/strong&gt; — a waitlist or a landing page, nothing behind auth yet.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;You store &lt;strong&gt;no personal data, no payments, no credentials&lt;/strong&gt; belonging to anyone but you.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;If that's you, fix your headers, enable HTTPS properly, and get back to building. Come back when you add a login.&lt;/p&gt;

&lt;h3&gt;
  
  
  You need a real test the moment ANY of these is true:
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;You have a &lt;strong&gt;login and a database&lt;/strong&gt; — the instant users can create accounts, BOLA and broken access control become your #1 risk, and only an authenticated test finds them.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;You store &lt;strong&gt;customer PII, health, financial, or messaging data&lt;/strong&gt; — a single IDOR here is a disclosure email and possibly a regulatory event.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;You're &lt;strong&gt;taking payments&lt;/strong&gt; or handling money/credits — business-logic abuse is invisible to scanners and expensive when found in production.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;A &lt;strong&gt;customer or investor is asking about security&lt;/strong&gt; — "we ran a free scanner" is not an answer to a B2B procurement questionnaire.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;You built it with an &lt;strong&gt;AI assistant and never wrote the auth middleware yourself&lt;/strong&gt; — the failure modes are predictable and consistent, which is exactly why they need a human to chase the chains.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  "Real test" doesn't have to mean a $15,000 enterprise pentest
&lt;/h2&gt;

&lt;p&gt;This is where founders freeze. They assume the only options are "free scanner" and "hire a Big Four firm for the price of a developer." There's a middle that's built exactly for pre-launch startups: a &lt;strong&gt;focused, authenticated pentest scoped to your actual app&lt;/strong&gt; — your auth flows, your API objects, your data isolation — not a 200-page compliance artifact you don't need yet.&lt;/p&gt;

&lt;p&gt;That's the gap Sable fills. A real human runs an authenticated test against your stack, calibrated for indie and early-stage codebases, and you get back the findings that actually matter — with proof-of-concept repos so you can see &lt;em&gt;and reproduce&lt;/em&gt; the bug, not just a CVSS number. A &lt;a href="https://dev.to/#pricing"&gt;Pre-Launch Check starts at $29&lt;/a&gt;, which is roughly the cost of the lunch you'd buy the security consultant you can't afford.&lt;/p&gt;

&lt;p&gt;The rule of thumb: &lt;strong&gt;match the test to the blast radius.&lt;/strong&gt; No users, no data → free scan. Login plus data → authenticated pentest before you onboard customer #1. Payments, PII at scale, or an enterprise buyer → a recurring engagement with continuous monitoring, because the bugs come back every time your AI assistant generates a new route.&lt;/p&gt;

&lt;h2&gt;
  
  
  The launch-week sequence that actually works
&lt;/h2&gt;

&lt;ol&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Run the free scan today.&lt;/strong&gt; It's the cheapest signal you'll ever get. &lt;a href="https://dev.to/free-scan"&gt;Scan your site free →&lt;/a&gt;&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Fix every red header.&lt;/strong&gt; Copy-paste configs exist for Next.js, Vercel, Nginx, and Cloudflare; this is an afternoon, not a sprint.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Do the 5-minute self-audit&lt;/strong&gt; on your own auth: log in as two users and try to read each other's data. If you can, you have a BOLA and you are not ready to launch.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Get an authenticated test before user #1&lt;/strong&gt; if you store anyone's data. This is the step that separates the founders who make the news from the ones who don't.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Re-test on every major release.&lt;/strong&gt; AI assistants regenerate the same bug classes each time you add a feature — security isn't one-and-done.&lt;/p&gt;&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  FAQ
&lt;/h2&gt;

&lt;h3&gt;
  
  
  Can't I just run an open-source scanner like OWASP ZAP myself?
&lt;/h3&gt;

&lt;p&gt;You can, and you should learn it. But automated scanners — free or open-source — share the same blind spot: they don't understand your business logic or your data-ownership model, which is where the dangerous bugs live. They find the easy 30%. The 70% that ends startups needs a human who can log in as two users and chain three small flaws into a full data breach.&lt;/p&gt;

&lt;h3&gt;
  
  
  How much does a startup pentest actually cost in 2026?
&lt;/h3&gt;

&lt;p&gt;Enterprise engagements run $10k–$30k and are scoped for codebases you don't have yet. Startup-focused testing is dramatically cheaper because the scope is tight: Sable's Pre-Launch Check is $29, Founder Shield $79, and Scale Secure $199. The point isn't "cheap" — it's &lt;em&gt;right-sized&lt;/em&gt;. You're paying for the auth-flow and access-control findings, not a compliance binder.&lt;/p&gt;

&lt;h3&gt;
  
  
  I passed the free scan with an A. Am I safe?
&lt;/h3&gt;

&lt;p&gt;You have good headers. That's the front door. It says nothing about whether a logged-in user can read another user's records, which is the bug that actually breaches startups. An A on the free scan and a BOLA in your API can coexist happily — we see it constantly.&lt;/p&gt;

&lt;h3&gt;
  
  
  Do I need this if I'm using a no-code platform?
&lt;/h3&gt;

&lt;p&gt;Yes, and arguably more. No-code and AI-code platforms ship the same default-insecure patterns (RLS disabled, missing ownership checks) at scale, and the CVE-2025-48757 Lovable disclosure exposed 170+ generated apps — one with 13,000 user records — through exactly this class of bug.&lt;/p&gt;

&lt;h2&gt;
  
  
  The bottom line
&lt;/h2&gt;

&lt;p&gt;A free scan is necessary and almost never sufficient. Run it first — it's free and it's honest about your external surface. But the moment your app has a login and a database, the decision is already made for you: the bugs that matter are invisible from the outside, and you need someone to log in and try the doors.&lt;/p&gt;

&lt;p&gt;Start where it costs nothing. &lt;a href="https://dev.to/free-scan"&gt;Run the free scan now&lt;/a&gt;, fix what it flags, and if you're storing anyone's data behind a login, &lt;a href="https://dev.to/#pricing"&gt;book the $29 Pre-Launch Check&lt;/a&gt; before you onboard your first real user. Your future self — the one not writing a breach-disclosure email during launch week — will thank you.&lt;/p&gt;

</description>
      <category>pentest</category>
      <category>freescan</category>
      <category>startup</category>
      <category>prelaunch</category>
    </item>
    <item>
      <title>June 2026 Patch Tuesday: An Actively-Exploited Chrome Zero-Day and a Wormable Windows RCE</title>
      <dc:creator>Diego Diaz</dc:creator>
      <pubDate>Mon, 13 Jul 2026 20:17:01 +0000</pubDate>
      <link>https://dev.to/alejandxr/june-2026-patch-tuesday-an-actively-exploited-chrome-zero-day-and-a-wormable-windows-rce-43il</link>
      <guid>https://dev.to/alejandxr/june-2026-patch-tuesday-an-actively-exploited-chrome-zero-day-and-a-wormable-windows-rce-43il</guid>
      <description>&lt;p&gt;Every month brings a Patch Tuesday, and most of them blur together. This one shouldn't. Two of the June 2026 fixes change the math on &lt;em&gt;when&lt;/em&gt; you patch, not just &lt;em&gt;whether&lt;/em&gt; you do.&lt;/p&gt;

&lt;h2&gt;
  
  
  The two that matter
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;CVE-2026-11645&lt;/strong&gt; is an out-of-bounds read and write in V8, the JavaScript and WebAssembly engine inside Google Chrome (CVSS 8.8). The detail that matters: it is &lt;strong&gt;already being exploited in the wild&lt;/strong&gt;. Google shipped the fix on June 9. If your team or your users browse the web in Chrome — or any Chromium-based browser — this is a "today" problem, not a "this sprint" problem.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;CVE-2026-45657&lt;/strong&gt; is a remote code execution flaw in the Windows Kernel, rated CVSS 9.8. It is &lt;strong&gt;unauthenticated and wormable&lt;/strong&gt;: an attacker can run code at SYSTEM level with no user interaction, and a bug like that is the raw material for self-propagating malware. There is no confirmed exploitation yet — which is exactly the window you want to patch in.&lt;/p&gt;

&lt;h2&gt;
  
  
  What "actively exploited" actually changes
&lt;/h2&gt;

&lt;p&gt;A normal CVSS-8 bug gives you a runway: triage, schedule, test, deploy over a couple of weeks. "Actively exploited" deletes that runway. It means a working exploit already exists, attackers are already using it, and every hour you wait is an hour you are knowingly exposed to a known technique. For CVE-2026-11645, the only correct patch timeline is "now."&lt;/p&gt;

&lt;p&gt;The wormable kernel bug is the inverse risk: nobody is using it &lt;em&gt;yet&lt;/em&gt;, but the moment a reliable exploit goes public, mass scanning starts within hours. The early-stage teams that get hit are the ones who told themselves "we'll get to it after the launch."&lt;/p&gt;

&lt;h2&gt;
  
  
  The patch-now checklist
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Chrome / Chromium everywhere.&lt;/strong&gt; Force-update Chrome on every machine, plus Edge, Brave, and anything Electron-based that bundles Chromium. Verify the version — don't assume auto-update ran.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Windows hosts, servers first.&lt;/strong&gt; Apply the June cumulative update to internet-facing Windows servers before workstations. A wormable, unauthenticated kernel RCE is worst where it is reachable.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Inventory what you actually run.&lt;/strong&gt; You can't patch the Chromium you forgot ships inside your desktop app or your CI runners.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Confirm, don't trust.&lt;/strong&gt; "Patch deployed" and "patch applied and rebooted" are different states. Kernel patches usually need the reboot.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Where this fits
&lt;/h2&gt;

&lt;p&gt;Patching your stack is step zero — the part you get no credit for until you skip it. What it does not cover is the code &lt;em&gt;you&lt;/em&gt; shipped: the wildcard CORS, the secret in the repo, the auth check that isn't quite a check. That is the layer Sable scans for. But none of it matters if the box underneath is running a kernel an attacker can own for free. Patch first, then go find what your own app is leaking.&lt;/p&gt;

</description>
      <category>cve202611645</category>
      <category>cve202645657</category>
      <category>patchtuesday</category>
      <category>chrome</category>
    </item>
    <item>
      <title>CVE-2026-42271: How a Popular AI Gateway Became an RCE Vector — And What to Audit in Your Stack</title>
      <dc:creator>Diego Diaz</dc:creator>
      <pubDate>Mon, 13 Jul 2026 19:17:01 +0000</pubDate>
      <link>https://dev.to/alejandxr/cve-2026-42271-how-a-popular-ai-gateway-became-an-rce-vector-and-what-to-audit-in-your-stack-2718</link>
      <guid>https://dev.to/alejandxr/cve-2026-42271-how-a-popular-ai-gateway-became-an-rce-vector-and-what-to-audit-in-your-stack-2718</guid>
      <description>&lt;h2&gt;
  
  
  The Vulnerability
&lt;/h2&gt;

&lt;p&gt;On May 8, 2026, &lt;a href="https://github.com/BerriAI/litellm/security/advisories/GHSA-v4p8-mg3p-g94g" rel="noopener noreferrer"&gt;BerriAI disclosed CVE-2026-42271&lt;/a&gt;, a command-injection flaw in LiteLLM — one of the most widely deployed open-source AI gateways. The vulnerability scored CVSS 8.8 and affects every release from version 1.74.2 to before 1.83.7. By June 9, CISA had added it to the &lt;a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-42271" rel="noopener noreferrer"&gt;Known Exploited Vulnerabilities (KEV) catalog&lt;/a&gt;, confirming active exploitation in the wild.&lt;/p&gt;

&lt;p&gt;The root cause lives in two MCP-server preview endpoints: &lt;code&gt;POST /mcp-rest/test/connection&lt;/code&gt; and &lt;code&gt;POST /mcp-rest/test/tools/list&lt;/code&gt;. These endpoints accept a full server configuration in the request body — including the &lt;code&gt;command&lt;/code&gt;, &lt;code&gt;args&lt;/code&gt;, and &lt;code&gt;env&lt;/code&gt; fields used by the stdio transport. When an authenticated user (or an attacker who chains this with the separate Starlette host-header bypass, CVE-2026-48710) sends a crafted payload, the injected command executes on the host with the privileges of the LiteLLM process. No sandboxing. No allowlist. Direct OS-level command execution.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why This Matters for AI-Heavy Teams
&lt;/h2&gt;

&lt;p&gt;LiteLLM has become the default glue layer for teams building AI-powered products. It normalizes API calls across OpenAI, Anthropic, Google, and dozens of open-weight models. If you've deployed an LLM feature in the last 12 months, there's a non-trivial chance LiteLLM sits somewhere in your stack — in front of your RAG pipeline, your agent framework, or your internal tool-calling layer.&lt;/p&gt;

&lt;p&gt;That popularity is exactly what makes this an attack-surface problem, not just a single-CVE problem. The MCP (Model Context Protocol) integration that the vulnerable endpoints serve is the same pattern teams use to connect LLMs to external tools: databases, code execution sandboxes, file systems, APIs. Every MCP server you plug in via stdio transport carries its own &lt;code&gt;command&lt;/code&gt; and &lt;code&gt;args&lt;/code&gt;. If the gateway doesn't strictly validate those fields, the tool-calling feature becomes a command-injection feature.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://thehackernews.com/2026/06/litellm-flaw-cve-2026-42271-exploited.html" rel="noopener noreferrer"&gt;The Hacker News reported&lt;/a&gt; that the flaw chains to unauthenticated RCE when combined with the Starlette host-header bypass — meaning an attacker who can reach the LiteLLM HTTP interface doesn't even need valid credentials.&lt;/p&gt;

&lt;h2&gt;
  
  
  What to Audit in Your AI Stack Right Now
&lt;/h2&gt;

&lt;p&gt;If you run LiteLLM (or any AI gateway that proxies model calls and manages tool integrations), here's a concrete checklist:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Version check:&lt;/strong&gt; Are you on LiteLLM ≥ 1.83.7? If not, upgrade immediately. This is a one-line fix in the stdio transport handler.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Endpoint exposure:&lt;/strong&gt; Are &lt;code&gt;/mcp-rest/test/connection&lt;/code&gt; and &lt;code&gt;/mcp-rest/test/tools/list&lt;/code&gt; reachable from untrusted networks? If you don't use MCP server preview, disable or remove these endpoints entirely.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Authentication boundary:&lt;/strong&gt; Even though CVE-2026-42271 requires authentication on its own, the Starlette bypass (CVE-2026-48710) removes that barrier. Treat the entire LiteLLM HTTP surface as public-facing until both are patched.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Process privileges:&lt;/strong&gt; What user does the LiteLLM process run as? If it's root (common in containerized deployments that haven't been hardened), command injection means full container escape. Run as a non-root user with minimal capabilities.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;MCP server inventory:&lt;/strong&gt; List every MCP server your gateway is configured to call. Review the &lt;code&gt;command&lt;/code&gt; and &lt;code&gt;args&lt;/code&gt; for each. If any accept user-controlled input, that's a second-order injection risk.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  The Bigger Pattern: AI Tooling Is Now Supply Chain
&lt;/h2&gt;

&lt;p&gt;This isn't the first time an AI infrastructure component has turned into an attack vector, and it won't be the last. The Hugging Face ecosystem saw two critical CVEs in May 2026 (CVE-2026-0599 and CVE-2026-25874). The pattern is consistent: open-source AI tooling moves fast, security reviews lag, and the resulting components end up in production with the same trust level as a battle-tested web server — without the same hardening.&lt;/p&gt;

&lt;p&gt;For early-stage teams especially, the lesson is not "don't use open-source AI tools." It's: &lt;strong&gt;every dependency in your AI pipeline needs the same scrutiny you'd give a database driver or an auth library&lt;/strong&gt;. That means version pinning, CVE monitoring, least-privilege deployment, and network segmentation between your AI gateway and the rest of your infrastructure.&lt;/p&gt;

&lt;p&gt;LiteLLM patched this in 1.83.7. The fix is already out. The question is whether your deployment is running it.&lt;/p&gt;

</description>
      <category>cve202642271</category>
      <category>litellm</category>
      <category>aigateway</category>
      <category>commandinjection</category>
    </item>
    <item>
      <title>UNC6508: PRC Spies Exploit REDCap Servers to Infiltrate US Medical Research for 2 Years</title>
      <dc:creator>Diego Diaz</dc:creator>
      <pubDate>Mon, 13 Jul 2026 18:17:01 +0000</pubDate>
      <link>https://dev.to/alejandxr/unc6508-prc-spies-exploit-redcap-servers-to-infiltrate-us-medical-research-for-2-years-42m8</link>
      <guid>https://dev.to/alejandxr/unc6508-prc-spies-exploit-redcap-servers-to-infiltrate-us-medical-research-for-2-years-42m8</guid>
      <description>&lt;h2&gt;
  
  
  What Happened
&lt;/h2&gt;

&lt;p&gt;A threat actor tracked as UNC6508 — a China-nexus espionage group — infiltrated US medical research institutions and remained undetected inside their networks from September 2023 through at least November 2025, according to &lt;a href="https://cloud.google.com/blog/topics/threat-intelligence/prc-targets-us-medical-research" rel="noopener noreferrer"&gt;Google's Threat Intelligence team&lt;/a&gt;. The campaign targeted academic medical centers, private research organizations, military health institutions, and regulatory bodies across North America.&lt;/p&gt;

&lt;p&gt;What makes this operation notable is not just its duration or targets, but the attacker's patience: UNC6508 spent nearly two years quietly embedded in research environments, exfiltrating sensitive data while blending into daily institutional workflows. The campaign was also covered by &lt;a href="https://cybersecuritynews.com/prc-nexus-hackers-exploit-redcap-servers/" rel="noopener noreferrer"&gt;CyberSecurityNews&lt;/a&gt; and &lt;a href="https://gbhackers.com/prc-nexus-hackers-abuse-redcap-servers/" rel="noopener noreferrer"&gt;GBHackers&lt;/a&gt;, which independently confirmed the scope of the intrusion.&lt;/p&gt;

&lt;h2&gt;
  
  
  Technical Analysis
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Initial Access via Legacy REDCap.&lt;/strong&gt; UNC6508 gained initial access by exploiting legacy, unpatched versions of REDCap — an open-source electronic data capture platform widely used in clinical and academic research. Attackers specifically targeted institutions running legacy REDCap instances alongside current versions, allowing them to exploit known vulnerabilities in the older installation while remaining unnoticed.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Web Shell Deployment (help.php).&lt;/strong&gt; After gaining access, the actors deployed a web shell named &lt;code&gt;help.php&lt;/code&gt; on compromised REDCap servers, establishing persistent remote access to the underlying infrastructure.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;INFINITERED Malware — a Three-Component Toolkit.&lt;/strong&gt; UNC6508 deployed a custom malware family dubbed INFINITERED, consisting of three distinct components: a &lt;strong&gt;dropper&lt;/strong&gt; that injects itself into upgrade packages to survive legitimate software updates, surviving patches that would normally eliminate compromise; a &lt;strong&gt;credential harvester&lt;/strong&gt; that captures plaintext credentials from POST requests passing through the web application; and a &lt;strong&gt;C2 backdoor&lt;/strong&gt; that receives commands via the REDCAP-TOKEN cookie, blending malicious communications with legitimate application traffic.&lt;/p&gt;

&lt;h2&gt;
  
  
  Novel Exfiltration: Abuse of Google Workspace Compliance Rules
&lt;/h2&gt;

&lt;p&gt;Perhaps the most ingenious aspect of the campaign was the exfiltration method. UNC6508 created a mail compliance rule inside compromised institutions' Google Workspace environments — named &lt;em&gt;"Patroit"&lt;/em&gt; — that used regex patterns to match intelligence-related keywords in emails. Any email matching these patterns (related to medical research, military health topics, etc.) was silently BCC-reenviated to a Gmail account controlled by the actor.&lt;/p&gt;

&lt;p&gt;This approach provided several advantages for the attacker: encrypted email transit to Google's servers (no suspicious outbound connections), institutional trust in Google Workspace reducing suspicion, and a self-sustaining collection pipeline that operated automatically once the rule was in place.&lt;/p&gt;

&lt;h2&gt;
  
  
  Who's Affected
&lt;/h2&gt;

&lt;p&gt;The campaign's targeting profile indicates strategic intelligence gathering rather than financial gain:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Academic medical centers&lt;/strong&gt; — university-affiliated research hospitals across North America&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Private medical research organizations&lt;/strong&gt; — pharmaceutical and biotech research companies&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Military health institutions&lt;/strong&gt; — Department of Defense medical research facilities&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Regulatory bodies&lt;/strong&gt; — organizations involved in medical device and drug approval processes&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;The scope of compromised data — spanning clinical trial data, unpublished research findings, patient studies, and military health intelligence — represents a significant strategic intelligence haul for the PRC's biomedical and defense research sectors.&lt;/p&gt;

&lt;h2&gt;
  
  
  How to Protect Your Organization
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;1. Enforce 2SV on all admin accounts.&lt;/strong&gt; Require two-step verification for all users with administrative privileges on REDCap servers and connected systems. Credential harvesting was a core component of this campaign, and 2SV directly mitigates stolen credentials.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;2. Eliminate or update legacy REDCap instances.&lt;/strong&gt; Audit your network for outdated REDCap deployments running alongside current versions. The coexistence of legacy and modern instances was the primary attack vector. Uninstall legacy versions entirely.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;3. Audit compliance/mail forwarding rules.&lt;/strong&gt; Review all content compliance and mail routing rules in Google Workspace (or equivalent platforms) for unauthorized rules with regex patterns or external forwarding addresses. Pay special attention to rules named generically or with automated-sounding labels.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;4. Monitor REDCap file integrity.&lt;/strong&gt; Deploy file integrity monitoring on REDCap web directories, specifically watching for unexpected PHP files like &lt;code&gt;help.php&lt;/code&gt;. Google's Threat Intelligence team has published &lt;a href="https://cloud.google.com/blog/topics/threat-intelligence/prc-targets-us-medical-research" rel="noopener noreferrer"&gt;YARA rules and IOCs&lt;/a&gt; for INFINITERED.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;5. Network segmentation for research infrastructure.&lt;/strong&gt; Isolate REDCap servers from broader institutional research networks to limit lateral movement in case of compromise.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Sable Angle
&lt;/h2&gt;

&lt;p&gt;UNC6508's campaign against medical research is a textbook example of a persistent, low-and-slow intrusion designed to exfiltrate strategic intelligence over extended periods. The group's exploitation of legacy software alongside current versions, custom multi-component malware that survives updates, and abuse of trusted platforms like Google Workspace for exfiltration reflects a mature adversary operating with patience and operational security.&lt;/p&gt;

&lt;p&gt;At &lt;a href="https://dev.to/pricing"&gt;Sable&lt;/a&gt;, our offensive security researchers regularly encounter similar persistence mechanisms and understand how threat actors exploit the gaps between legacy and modern infrastructure. Similar &lt;a href="https://dev.to/research/vendor-advisories"&gt;research-focused threats&lt;/a&gt; continue to emerge — from &lt;a href="https://dev.to/research/cve-2026-21262"&gt;critical CVEs in research platforms&lt;/a&gt; to supply chain compromises targeting healthcare organizations.&lt;/p&gt;

</description>
      <category>prcespionage</category>
      <category>redcap</category>
      <category>unc6508</category>
      <category>medicalresearch</category>
    </item>
    <item>
      <title>Oracle E-Business Suite CVE‑2026‑46817: Critical Authentication Bypass in Oracle Payments</title>
      <dc:creator>Diego Diaz</dc:creator>
      <pubDate>Mon, 13 Jul 2026 17:17:01 +0000</pubDate>
      <link>https://dev.to/alejandxr/oracle-e-business-suite-cve-2026-46817-critical-authentication-bypass-in-oracle-payments-4eh0</link>
      <guid>https://dev.to/alejandxr/oracle-e-business-suite-cve-2026-46817-critical-authentication-bypass-in-oracle-payments-4eh0</guid>
      <description>&lt;h2&gt;
  
  
  What Happened
&lt;/h2&gt;

&lt;p&gt;On June 30, 2026, security outlets reported that CVE‑2026‑46817, a critical authentication‑bypass vulnerability affecting the Oracle Payments module of Oracle E‑Business Suite, is being actively exploited in the wild. The vulnerability carries a CVSS score of 9.8, indicating a severe impact. According to &lt;a href="https://thehackernews.com/2026/06/oracle-e-business-suite-flaw-cve-2026.html" rel="noopener noreferrer"&gt;The Hacker News&lt;/a&gt;, attackers can reach the vulnerable component over the network without any valid credentials.&lt;/p&gt;

&lt;h2&gt;
  
  
  Technical Analysis
&lt;/h2&gt;

&lt;p&gt;The flaw resides in the Oracle Payments component of Oracle E‑Business Suite. It is classified as an improper privilege management or authentication bypass issue. Unauthenticated attackers who can reach the affected HTTP endpoints can gain privileged access to the Oracle Payments system, potentially taking full control of the ERP module. The vulnerability affects versions 12.2.3 through 12.2.15 of the suite. No public proof‑of‑concept or detailed exploit mechanics have been disclosed; the specific technical details of the attack vector remain undisclosed, as highlighted by both &lt;a href="https://securityaffairs.com/194463/security/attackers-actively-exploit-the-oracle-e-business-suite-flaw-cve-2026-46817.html" rel="noopener noreferrer"&gt;Security Affairs&lt;/a&gt;.&lt;/p&gt;

&lt;h2&gt;
  
  
  Who’s Affected
&lt;/h2&gt;

&lt;p&gt;Enterprises running the affected Oracle Payments module across a broad range of industries are at risk. While exact numbers of impacted installations are not publicly known, the vulnerability’s severity and the fact that it is being actively exploited suggest a wide exposure. The recent activity mirrors previous attacks on Oracle ERP products, such as the exploitation of CVE‑2026‑35273 in Oracle PeopleSoft PeopleTools by the ShinyHunters group earlier in 2026.&lt;/p&gt;

&lt;h2&gt;
  
  
  How to Protect Yourself
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Apply the latest Oracle Critical Patch Update (CPU).&lt;/strong&gt; Oracle released a patch for CVE‑2026‑46817 in its most recent &lt;a href="https://www.oracle.com/security-alerts/" rel="noopener noreferrer"&gt;Critical Patch Update&lt;/a&gt; of the previous month. Administrators should verify the patch is applied and restart the affected services.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Restrict network access.&lt;/strong&gt; Limit exposure of the Oracle Payments web endpoints to trusted internal networks or VPNs. Use firewalls or Web Application Firewalls (WAF) to block unauthenticated traffic.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Monitor for suspicious activity.&lt;/strong&gt; Review web server logs for unusual requests to Oracle Payments URLs and set up IDS/IPS signatures that can detect attempts to exploit authentication bypasses.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Conduct regular security assessments.&lt;/strong&gt; Validate that all Oracle E‑Business Suite instances are patched and not exposed to the internet without proper controls.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  The Sable Angle
&lt;/h2&gt;

&lt;p&gt;Sable helps organizations identify exposed Oracle E‑Business Suite instances and verify that the required CPU patches are applied. Our assessments focus on discovering internet‑facing ERP deployments, testing for unauthenticated access, and providing remediation guidance. By partnering with Sable, you can gain confidence that your Oracle Payments environment is not susceptible to the current exploitation trend. Learn more about our services at &lt;a href="https://dev.to/pricing"&gt;Sable pricing&lt;/a&gt;.&lt;/p&gt;

</description>
      <category>oracle</category>
      <category>ebs</category>
      <category>payments</category>
      <category>cve202646817</category>
    </item>
    <item>
      <title>Microsoft SharePoint Server Remote Code Execution (CVE‑2026‑45659) Actively Exploited</title>
      <dc:creator>Diego Diaz</dc:creator>
      <pubDate>Mon, 13 Jul 2026 16:21:59 +0000</pubDate>
      <link>https://dev.to/alejandxr/microsoft-sharepoint-server-remote-code-execution-cve-2026-45659-actively-exploited-4kk4</link>
      <guid>https://dev.to/alejandxr/microsoft-sharepoint-server-remote-code-execution-cve-2026-45659-actively-exploited-4kk4</guid>
      <description>&lt;h2&gt;
  
  
  What Happened
&lt;/h2&gt;

&lt;p&gt;The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a high‑severity vulnerability to its Known Exploited Vulnerabilities (KEV) catalog on July 2, 2026. The flaw, tracked as &lt;strong&gt;CVE‑2026‑45659&lt;/strong&gt; with a CVSS score of &lt;strong&gt;8.8&lt;/strong&gt;, affects Microsoft SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Enterprise Server 2016. It is a deserialization‑of‑untrusted‑data bug that allows an &lt;a href="https://thehackernews.com/2026/07/sharepoint-rce-cve-2026-45659-added-to.html" rel="noopener noreferrer"&gt;authenticated attacker with just Site Member permissions&lt;/a&gt; to execute arbitrary code over the network.&lt;/p&gt;

&lt;h2&gt;
  
  
  Technical Analysis
&lt;/h2&gt;

&lt;p&gt;Deserialization vulnerabilities arise when an application processes serialized objects without proper validation. In SharePoint, the flaw resides in the handling of certain object streams used by the server’s backend services. When a malicious payload is supplied, the server deserializes it and runs attacker‑controlled code. Because the vulnerability is network‑based, exploitation requires only a valid SharePoint credential – no administrative rights are needed. Microsoft’s advisory notes that the attack complexity is low (AC:L) and the required privileges are minimal (PR:L). The bug was addressed in May 2026; Microsoft released patches for the affected versions – SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Enterprise Server 2016 – &lt;a href="https://thehackernews.com/2026/05/microsoft-patches-sharepoint-rce-flaw.html" rel="noopener noreferrer"&gt;[Microsoft patch details]&lt;/a&gt;. However, the vulnerability was inadvertently omitted from the May security update announcement, leaving many systems exposed.&lt;/p&gt;

&lt;h2&gt;
  
  
  Who’s Affected
&lt;/h2&gt;

&lt;p&gt;Any organization running on‑premises SharePoint Server versions listed above is at risk. Shadowserver reports that over &lt;strong&gt;10,000&lt;/strong&gt; SharePoint instances are publicly reachable on the internet, many of which likely host outdated software. Federal civilian agencies have been specifically warned to remediate by July 4, 2026, but the exposure spans private enterprises, universities, and government contractors worldwide. Attackers can leverage the foothold to move laterally across internal networks, exfiltrate sensitive documents, or deploy ransomware payloads. The active exploitation signal from CISA suggests that threat actors are already weaponising the flaw in the wild.&lt;/p&gt;

&lt;h2&gt;
  
  
  How to Protect Yourself
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Apply Microsoft’s May 2026 patches immediately on all SharePoint Server instances. Verify the installed versions match the patched releases.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Enable multi‑factor authentication (MFA) for all SharePoint accounts. Reducing the pool of valid credentials mitigates the low‑privilege authentication vector.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Conduct an internet‑exposure scan (e.g., using Shodan or Shadowserver data) to identify any externally accessible SharePoint servers. Block inbound traffic at the perimeter where feasible.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Review audit logs for unusual access patterns, especially login events from non‑corporate IP ranges or repeated failed attempts.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Implement strict least‑privilege assignments: ensure users only have the permissions required for their role, removing unnecessary Site Member rights.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  The Sable Angle
&lt;/h2&gt;

&lt;p&gt;At Sable we routinely audit on‑premises collaboration platforms for exactly these kinds of deserialization flaws. Our recent research into supply‑chain attacks highlighted how a single unpatched service can become the launchpad for nation‑state actors &lt;a href="https://sable.somoswilab.com/research/openclaw" rel="noopener noreferrer"&gt;[OpenClaw research]&lt;/a&gt;. By combining automated scanning with threat‑intelligence feeds, we can surface vulnerable SharePoint installations before attackers do.&lt;/p&gt;

&lt;p&gt;If you need a deeper dive into how the vulnerability interacts with custom SharePoint web parts, check out our technical brief on &lt;a href="https://sable.somoswilab.com/blog/sharepoint-rce" rel="noopener noreferrer"&gt;the exploitation pathway&lt;/a&gt;. Our team stands ready to assist with rapid patch validation, forensic triage, and hardening recommendations to keep your data safe.&lt;/p&gt;

</description>
      <category>sharepoint</category>
      <category>cve202645659</category>
      <category>remotecodeexecution</category>
      <category>microsoft</category>
    </item>
    <item>
      <title>Ubiquiti UniFi Critical Flaws Exposed: CVE-2026-50746 and Companion Vulnerabilities</title>
      <dc:creator>Diego Diaz</dc:creator>
      <pubDate>Mon, 13 Jul 2026 16:17:01 +0000</pubDate>
      <link>https://dev.to/alejandxr/ubiquiti-unifi-critical-flaws-exposed-cve-2026-50746-and-companion-vulnerabilities-4bli</link>
      <guid>https://dev.to/alejandxr/ubiquiti-unifi-critical-flaws-exposed-cve-2026-50746-and-companion-vulnerabilities-4bli</guid>
      <description>&lt;h2&gt;
  
  
  What Happened
&lt;/h2&gt;

&lt;p&gt;Ubiquiti disclosed a series of high‑severity vulnerabilities across its UniFi product line on July 8, 2026. The most dangerous, &lt;a href="https://thehackernews.com/2026/07/ubiquiti-patches-critical-unifi-flaws.html" rel="noopener noreferrer"&gt;CVE‑2026‑50746&lt;/a&gt;, received a CVSS 10.0 rating – the highest possible score – because it can be exploited remotely without authentication, using an &lt;em&gt;Improper Access Control&lt;/em&gt; flaw in the UniFi Connect application. An attacker who can reach the management interface can inject arbitrary operating‑system commands and take complete control of the host.&lt;/p&gt;

&lt;p&gt;In addition to CVE‑2026‑50746, Ubiquiti patched six other critical issues: CVE‑2026‑50747 (SQL injection in UniFi Talk), CVE‑2026‑50748 (command injection in UniFi Access), CVE‑2026‑54400 (privilege escalation in UniFi Access), CVE‑2026‑54402 (command injection in UniFi OS), CVE‑2026‑55115 (SSRF in UniFi Protect) and CVE‑2026‑55116 (unauthorized changes in UniFi OS). All were fixed in the same security release.&lt;a href="https://www.bleepingcomputer.com/news/security/ubiquiti-warns-of-new-max-severity-unifi-os-vulnerability/" rel="noopener noreferrer"&gt;1&lt;/a&gt;&lt;a href="https://www.techtimes.com/articles/319919/20260708/unifi-cvss-100-flaw-exposes-100000-endpoints-unauthenticated-takeover.htm" rel="noopener noreferrer"&gt;2&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Technical Details
&lt;/h2&gt;

&lt;p&gt;The CVE‑2026‑50746 vulnerability resides in UniFi Connect versions&amp;nbsp;3.4.16 and earlier. The component fails to verify the caller’s privileges before passing a crafted request to a system‑level command interpreter. As a result, a network‑adjacent attacker can send a specially‑crafted HTTP request that triggers command execution on the underlying Linux host. Because UniFi Connect often runs with root privileges to manage device provisioning, the impact is full system compromise.&lt;/p&gt;

&lt;p&gt;Other flaws follow a similar pattern of insufficient input validation. CVE‑2026‑50747 is an authenticated SQL injection that allows an attacker with low‑privilege network access to escalate to admin on UniFi Talk. CVE‑2026‑50748 and CVE‑2026‑54402 are both command‑injection bugs in UniFi Access and UniFi OS respectively, reachable via malformed REST calls. CVE‑2026‑55115 is a server‑side request forgery (SSRF) in UniFi Protect that lets a low‑privileged attacker trick the backend into contacting internal services, leading to privilege escalation. CVE‑2026‑55116 is an access‑control weakness that permits unauthorized configuration changes in UniFi OS.&lt;/p&gt;

&lt;h2&gt;
  
  
  Impact
&lt;/h2&gt;

&lt;p&gt;Threat intelligence firms estimate that over 100 000 UniFi OS instances are exposed to the public internet (&lt;a href="https://www.techtimes.com/articles/319919/20260708/unifi-cvss-100-flaw-exposes-100000-endpoints-unauthenticated-takeover.htm" rel="noopener noreferrer"&gt;TechTimes&lt;/a&gt;). If any of these devices run vulnerable versions, they become prime recruitment targets for botnets – similar to the “MooBot” botnet that leveraged compromised Ubiquiti EdgeOS routers in 2024. Successful exploitation grants attackers arbitrary code execution, enabling data exfiltration, lateral movement, or the deployment of ransomware. The CVE‑2026‑50746 flaw alone is powerful enough for nation‑state actors to gain footholds in critical infrastructure that relies on UniFi for building automation, lighting, or EV‑charging management.&lt;/p&gt;

&lt;h2&gt;
  
  
  Mitigation
&lt;/h2&gt;

&lt;p&gt;Ubiquiti’s advisory urges immediate updates:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Upgrade UniFi Connect to version 3.4.20 or later.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Upgrade UniFi Talk to 5.2.2, UniFi Access to 4.2.29, UniFi OS Server to 5.1.19, and UniFi Protect to 7.1.83.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Verify that all UniFi devices are no longer reachable from the public internet unless explicitly required. Use firewall rules or VPNs to restrict management traffic.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Run vulnerability scans (e.g., using Censys or Shodan) to identify any lingering vulnerable instances.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Monitor logs for unexpected command‑execution patterns or outbound requests indicating SSRF attempts.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Organizations should also apply the same hardening steps they use for other network‑exposed management consoles: enforce strong authentication, enable multi‑factor authentication, and segment management networks.&lt;/p&gt;

&lt;p&gt;For additional guidance, see Ubiquiti’s official security bulletin and the detailed analysis from BleepingComputer (&lt;a href="https://www.bleepingcomputer.com/news/security/ubiquiti-warns-of-new-max-severity-unifi-os-vulnerability/" rel="noopener noreferrer"&gt;source&lt;/a&gt;).&lt;/p&gt;

</description>
      <category>cve</category>
      <category>ubiquiti</category>
      <category>network</category>
    </item>
    <item>
      <title>Critical XSS Flaw in Zimbra Classic Web Client Enables Arbitrary Code Execution</title>
      <dc:creator>Diego Diaz</dc:creator>
      <pubDate>Mon, 13 Jul 2026 16:04:15 +0000</pubDate>
      <link>https://dev.to/alejandxr/critical-xss-flaw-in-zimbra-classic-web-client-enables-arbitrary-code-execution-2o1c</link>
      <guid>https://dev.to/alejandxr/critical-xss-flaw-in-zimbra-classic-web-client-enables-arbitrary-code-execution-2o1c</guid>
      <description>&lt;h2&gt;
  
  
  What Happened
&lt;/h2&gt;

&lt;p&gt;Zimbra announced a critical stored cross‑site scripting (XSS) vulnerability in its Classic Web Client that allows specially crafted emails to execute arbitrary JavaScript in a user’s browser. The flaw can expose mailbox contents, session data, and account settings if an email is opened. The issue has not yet been assigned a CVE identifier, but Zimbra confirmed that the vulnerability enables arbitrary code execution &lt;a href="https://thehackernews.com/2026/07/critical-zimbra-flaw-could-let-crafted_0483473395.html" rel="noopener noreferrer"&gt;The Hacker News&lt;/a&gt;.&lt;/p&gt;

&lt;h2&gt;
  
  
  Technical Analysis
&lt;/h2&gt;

&lt;p&gt;The XSS flaw resides in the Classic Web Client’s handling of email bodies. When an email contains malicious script tags, the client fails to properly sanitize or escape the input, storing the payload in the server‑side database. Upon retrieval, the script runs in the context of the logged‑in user’s session, granting access to cookies and session tokens. The vulnerability was discovered by Google’s Threat Analysis Group and reported to Zimbra, which subsequently released version 10.1.19 to remediate the issue &lt;a href="https://www.bleepingcomputer.com/news/security/zimbra-urges-customers-to-patch-critical-web-client-xss-flaw/" rel="noopener noreferrer"&gt;BleepingComputer&lt;/a&gt; and &lt;a href="https://www.scworld.com/brief/zimbra-urges-patching-of-critical-xss-vulnerability-in-classic-web-client" rel="noopener noreferrer"&gt;SC Media&lt;/a&gt;.&lt;/p&gt;

&lt;h2&gt;
  
  
  Who’s Affected
&lt;/h2&gt;

&lt;p&gt;The flaw impacts all deployments of Zimbra Collaboration Suite that still use the Classic Web Client, which is common in large enterprises and government agencies due to its lower resource consumption. Zimbra estimates millions of installations worldwide, with a significant portion of the user base relying on the Classic UI for email access. Because the vulnerability is stored, any organization that receives a malicious email can become compromised without user interaction beyond opening the message.&lt;/p&gt;

&lt;h2&gt;
  
  
  How to Protect Yourself
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Immediately upgrade to Zimbra Collaboration Suite version &lt;strong&gt;10.1.19&lt;/strong&gt;, which includes the XSS fix.&lt;/li&gt;
&lt;li&gt;If you cannot upgrade immediately, disable the Classic Web Client and force users to the modern UI to mitigate the attack surface.&lt;/li&gt;
&lt;li&gt;Apply strict email filtering to block suspicious attachments and HTML content containing script tags.&lt;/li&gt;
&lt;li&gt;Enforce multi‑factor authentication (MFA) for all mailbox logins to limit the impact of stolen session tokens.&lt;/li&gt;
&lt;li&gt;Monitor server logs for unusual JavaScript execution patterns or unexpected outbound requests from the web client.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  The Sable Angle
&lt;/h2&gt;

&lt;p&gt;At Sable we routinely audit email collaboration platforms for hidden attack vectors. Our research team has built automated detection scripts that surface stored XSS payloads across large mailboxes, helping clients pre‑emptively identify vulnerable messages before they reach end users. Learn more about our offensive security services on the &lt;a href="https://dev.to/research"&gt;Research page&lt;/a&gt; and see how we helped secure similar high‑profile email systems in the past.&lt;/p&gt;

&lt;h2&gt;
  
  
  References
&lt;/h2&gt;

&lt;p&gt;&lt;a href="https://thehackernews.com/2026/07/critical-zimbra-flaw-could-let-crafted_0483473395.html" rel="noopener noreferrer"&gt;The Hacker News – Critical Zimbra Flaw&lt;/a&gt;&lt;br&gt;
&lt;a href="https://www.bleepingcomputer.com/news/security/zimbra-urges-customers-to-patch-critical-web-client-xss-flaw/" rel="noopener noreferrer"&gt;BleepingComputer – Zimbra XSS Patch&lt;/a&gt;&lt;br&gt;
&lt;a href="https://www.scworld.com/brief/zimbra-urges-patching-of-critical-xss-vulnerability-in-classic-web-client" rel="noopener noreferrer"&gt;SC Media – Zimbra XSS Advisory&lt;/a&gt;&lt;/p&gt;

</description>
      <category>zimbra</category>
      <category>xss</category>
      <category>emailsecurity</category>
      <category>cve</category>
    </item>
  </channel>
</rss>
