Last updated: July 6, 2026 at 12:53 AM UTC
All 559 Vulnerability 199 Breach 107 Threat 246 Defense 7

Packagist supply-chain attack hits 8 Composer packages with cross-ecosystem package.json hook downloading Linux binary to /tmp/.sshd

Socket has detailed a coordinated supply-chain campaign that planted malicious code in eight Composer packages on Packagist, including moritz-sauer-13/silverstripe-cms-theme, crosiersource/crosierlib-base, devdojo/wave, devdojo/genesis, katanaui/katana, elitedevsquad/sidecar-laravel, r2luna/brain, and baskarcm/tzi-chat-ui. The attackers placed the payload not in composer.json but in package.json - meaning teams scanning only PHP dependencies would miss the Node.js lifecycle hook bundled inside. The postinstall script downloads a Linux binary from a GitHub Releases URL (github[.]com/parikhpreyash4/systemd-network-helper-aa5c751f), saves it as /tmp/.sshd, and runs it backgrounded with execute permissions. Socket found the same payload referenced in 777 GitHub files, including two GitHub Actions workflows - hinting at a broader campaign.

Check
Audit composer.lock and package.json across PHP projects for the 8 affected packages installed since 2026-05-20. Block egress to github[.]com/parikhpreyash4/* and check /tmp/.sshd presence on Linux build hosts.
Affected
Any project that installed moritz-sauer-13/silverstripe-cms-theme, crosiersource/crosierlib-base, devdojo/wave, devdojo/genesis, katanaui/katana, elitedevsquad/sidecar-laravel, r2luna/brain, or baskarcm/tzi-chat-ui via Composer. Hidden in package.json so PHP-only scanners miss it.
Fix
Roll affected packages back to clean versions; pin via composer.lock and package-lock.json. Rotate developer and CI credentials reachable from affected hosts. Scan PHP repos for package.json lifecycle hooks.

GitHub ships npm 11.15.0 with 2FA-gated staging, OIDC trusted publishing, and per-source install flags in response to TeamPCP wave

GitHub has shipped npm CLI 11.15.0 introducing a 'staging' workflow that lets maintainers run 'npm stage publish' to push a candidate to a staging area before going live - with the constraint that the package must already exist on the registry and have 2FA enabled on the account. Three new install flags (--allow-file, --allow-remote, --allow-directory) extend the existing --allow-git to give developers an explicit allowlist for every non-registry install source. GitHub is also encouraging maintainers to pair staging with trusted publishing via OIDC. The changes respond to the TeamPCP supply-chain wave that compromised hundreds of packages over the past several weeks.

Check
Inventory developer machines using npm CLI. Upgrade to 11.15.0+ to access the staging workflow. Identify high-impact packages your team publishes and require 2FA on those maintainer accounts.
Affected
Any npm publisher whose tokens or maintainer accounts could be hijacked. The TeamPCP wave hit 600+ packages in one hour on May 19 by abusing maintainer accounts.
Fix
Adopt 'npm stage publish' for production packages. Enable 2FA on all maintainer accounts. Configure trusted publishing via OIDC where supported. Apply --allow-file / --allow-remote / --allow-directory selectively in CI.

FBI warns of Kali365 phishing-as-a-service: OAuth device-code consent abuse against Microsoft 365 since April, $250-$2,000/year

The FBI has issued a warning about Kali365, a phishing-as-a-service platform that fueled large Microsoft 365 attacks in April. Instead of stealing passwords, Kali365 customers trigger Microsoft device-login requests and trick victims into completing the authorization, capturing OAuth access and refresh tokens that grant immediate mailbox access. Arctic Wolf, which infiltrated the system, says Kali365 sells in three tiers from $250 for 30 days to $2,000 for the year and generates branded phishing lures impersonating Adobe, DocuSign, and SharePoint in dozens of languages. Threat actors set malicious inbox rules to suppress security notifications and extend dwell time.

Check
Search Microsoft 365 audit logs for unfamiliar device-login completions and OAuth consent grants since April 1. Hunt for inbox rules that auto-delete or hide security-team email addresses.
Affected
Any Microsoft 365 tenant where users can complete device-login flows initiated by an attacker. Adobe, DocuSign, and SharePoint-themed lures are the primary social engineering vector.
Fix
Block device-code flow in Conditional Access for non-mobile platforms. Enforce phishing-resistant FIDO2 MFA. Train users to verify the device-login codes they approve. Audit OAuth-granted apps quarterly.

Italian Guardia di Finanza dismantles CINEMAGOAL piracy app that harvested fresh auth codes from legit Netflix, Disney+, Spotify subscriptions every 3 minutes

Italian Guardia di Finanza has dismantled CINEMAGOAL, an unusual piracy operation whose customers installed an app on their devices that authenticated directly to legitimate Netflix, Disney+, Spotify, Sky, and DAZN. A network of virtual machines in Italy captured fresh authentication and decryption codes from real subscriptions (opened under false identities) every three minutes and redistributed them to subscribers, who streamed at full quality with their real IPs masked. Operation 'Tutto Chiaro' executed 100 searches across Italy, seized servers in France and Germany, and identified about 70 resellers. The first 1,000 subscribers have been fined between €154 and €5,000.

Check
If you run an enterprise streaming or subscription product: search for accounts authenticating from Italian VM ranges with abnormally short session intervals (every 3 minutes) tied to suspicious billing details.
Affected
Streaming and content platforms (Netflix, Disney+, Spotify, Sky, DAZN are named victims). Subscribers signing up under fake identities, then sharing rotating auth tokens, is the core abuse pattern.
Fix
Add device-binding to subscription sessions so a captured token does not work elsewhere. Throttle simultaneous-stream limits at the network level. Strengthen identity verification at subscription signup.

Drupal critical SQL injection CVE-2026-9082 now actively exploited in PostgreSQL sites, added to CISA KEV - patch immediately

Drupal has issued an update to its highly critical PSA-2026-05-18 advisory confirming that exploit attempts for CVE-2026-9082 are now being detected in the wild. The bug is an SQL injection in Drupal's database abstraction API that lets unauthenticated requests trigger arbitrary SQL on sites running PostgreSQL, with possible escalation to RCE, privilege escalation, and information disclosure. Drupal rates it 23 out of 25 internally though NIST's CVSS v3 score is a mismatched 6.5. CISA added it to KEV on May 22. Affected versions cover Drupal 8.9.x and all 10.x and 11.x branches up to 10.4.10, 10.5.10, 10.6.9, 11.1.10, 11.2.12, and 11.3.10.

Check
Inventory Drupal sites, confirm core version, and identify PostgreSQL deployments (highest impact). Search web access logs for unusual database errors or SQL-pattern requests since 2026-05-20.
Affected
Drupal core 8.9.x, 10.4.x before 10.4.10, 10.5.x before 10.5.10, 10.6.x before 10.6.9, and all 11.x before 11.1.10/11.2.12/11.3.10. PostgreSQL backends face RCE; MySQL still needs the upgrade for Symfony/Twig.
Fix
Upgrade to the patched branch immediately. FCEB agencies must remediate by June 12 per CISA KEV. Apply WAF rules blocking suspicious SQL injection patterns until the patch lands.

Lawmakers demand answers from CISA over GitHub credential leak; agency still hasn't rotated all exposed keys a week later

A week after CISA was first notified of credentials leaking from its Private-CISA GitHub repository, the agency is still working to invalidate and replace many of the exposed keys, according to TruffleHog creator Dylan Ayrey. On May 19, Senator Maggie Hassan and Representatives Bennie Thompson and Delia Ramirez sent letters demanding answers, noting CISA has lost a third of its workforce and almost all senior leaders to forced retirements and buyouts. An RSA private key giving full read access to every CISA-IT GitHub repository was still active when Ayrey re-tested on May 20; CISA rotated it after KrebsOnSecurity's notification, but other critical credentials reportedly remain unrotated.

Check
If you are a Federal civilian agency, check whether CISA has reissued any credentials, tokens, or runner registrations that integrate with your environment. Treat shared secrets as still potentially exposed.
Affected
Any organization that integrates with CISA's GitHub estate, GitHub Apps owned by the CISA enterprise account, or CISA-IT internal CI/CD pipelines. Federal civilian agencies are primary.
Fix
Rotate any tokens or webhooks shared with CISA-IT systems pending the agency's full remediation. Use TruffleHog or GitGuardian to scan your own GitHub estate for the same class of leak.

Anthropic Mythos Preview AI finds 10,000+ high-severity flaws in widely used software; Cyber Verification Program launched

Anthropic has unveiled Claude Mythos Preview, a research-only AI model purpose-built for security tasks, and disclosed that it has used the model to find more than 10,000 high-severity vulnerabilities in widely used open-source and commercial software. Mythos has also been adapted to build end-to-end exploit chains and, in one Glasswing partner-bank case, helped block a $1.5 million fraudulent wire transfer. Anthropic is urging defenders to shorten patch windows because models with similar capability will soon be broadly available. It has launched a Cyber Verification Program that lets vetted researchers use the model without guardrails for legitimate vulnerability research, red teaming, and penetration testing.

Check
Audit your patch SLAs: how fast does a critical CVE move from vendor advisory to production? Aim for under 72 hours on internet-facing services.
Affected
Any organization that relies on adversaries lacking time to develop exploits. Mythos and similar models (OpenAI's GPT-5.5-Cyber) compress the exploit-development timeline dramatically.
Fix
Shorten patch testing and deployment cycles. Harden default configurations. Enforce phishing-resistant MFA. Apply for the Anthropic Cyber Verification Program if you do legitimate vulnerability research.

Laravel-Lang PHP packages compromised - autoload payload steals AWS, Azure, GCP, K8s, Vault, crypto wallets across Linux, macOS, Windows

Aikido Security and Socket have disclosed that several packages in the Laravel-Lang PHP ecosystem were compromised and used to ship a ~5,900-line PHP credential stealer that runs automatically the moment any consumer of the package boots. The dropper registers itself in composer.json under autoload.files, so no class instantiation or method call is needed - the payload triggers on every PHP request. It harvests AWS, Azure, GCP, Kubernetes, HashiCorp Vault, Jenkins, GitLab, GitHub Actions, CircleCI, browser data, password-manager vaults, SSH keys, crypto wallets, and VPN configs, then AES-encrypts the bundle and exfiltrates to flipboxstudio[.]info/exfil. The script then deletes itself to limit forensic recovery.

Check
Audit composer.lock files and Laravel deployments for any laravel-lang/* package installed since 2026-05-15. Search egress logs for traffic to flipboxstudio[.]info. Check src/helpers.php for unfamiliar code.
Affected
Any PHP application that pulled in a compromised laravel-lang package via Composer. The autoload trigger means the payload runs on every request, not just on first use.
Fix
Roll back to a known-clean laravel-lang version and pin via composer.lock. Rotate every cloud credential, SSH key, browser-stored token, and password-vault item reachable from affected hosts.

LiteSpeed cPanel Plugin CVE-2026-48172 actively exploited - root-level script execution, update to 2.4.7 / WHM 5.3.1.0

LiteSpeed Technologies has patched CVE-2026-48172, a privilege-escalation vulnerability in its cPanel plugin that lets a low-privileged cPanel user trick the plugin into running scripts as root. The flaw has been observed under active exploitation. The fix lands in cPanel plugin v2.4.7 bundled with WHM plugin 5.3.1.0. Operators who cannot patch immediately are advised to uninstall the user-end plugin via /usr/local/lsws/admin/misc/lscmctl cpanelplugin --uninstall. This follows last month's actively exploited CVE-2026-41940 (CVSS 9.8) in cPanel itself, which threat actors used to drop Mirai variants and the Sorry ransomware strain. cPanel hosting providers and resellers are the primary targets.

Check
Inventory cPanel hosts running the LiteSpeed cPanel plugin. Confirm WHM plugin version and bundled cPanel plugin version. Search /var/log/messages for unexpected lscmctl invocations.
Affected
All LiteSpeed cPanel plugin versions before 2.4.7 (bundled with WHM plugin 5.3.1.0). Hosting providers and shared-hosting tenants where low-privileged cPanel users can run scripts are at highest risk.
Fix
Upgrade to LiteSpeed WHM plugin 5.3.1.0 (with bundled cPanel plugin 2.4.7) immediately. Temporary mitigation: uninstall the user-end plugin via /usr/local/lsws/admin/misc/lscmctl cpanelplugin --uninstall.

Ghostwriter (UAC-0057/UNC1151) targets Ukrainian government with Prometheus learning-platform lure, OYSTERSHUCK/OYSTERBLUES, Cobalt Strike payload

CERT-UA has documented a fresh Ghostwriter campaign (also tracked as UAC-0057 and UNC1151) using PDF lures themed around Prometheus, a Ukrainian online learning platform, to target Ukrainian government organizations. The phishing email contains a link to a ZIP that drops a JavaScript file (OYSTERFRESH), which displays a decoy document, writes an encrypted payload (OYSTERBLUES) to the Windows Registry, and downloads a loader (OYSTERSHUCK) that decodes and runs OYSTERBLUES. The final payload is Cobalt Strike. Ghostwriter is a Belarus-linked threat group that has been hitting Ukrainian targets continuously since 2022. CERT-UA recommends restricting wscript.exe for standard user accounts.

Check
Search Windows endpoints in Ukraine-facing operations for wscript.exe execution chains spawning JavaScript files. Look for HTTP POST exfiltration to unfamiliar C2 hosts after PDF email opens.
Affected
Ukrainian government organizations and contractors. Ghostwriter has been Russia and Belarus's most persistent Ukrainian-government-focused APT since 2022. PDF and ZIP attachments are the primary delivery vector.
Fix
Restrict wscript.exe execution for standard user accounts via AppLocker or WDAC. Block .js attachment delivery at the email gateway. Hunt for Cobalt Strike beacons in Ukraine-related operations.