CVE-2026-31431 (Copy Fail) lets any unprivileged Linux user gain root via a 732-byte Python PoC — no race, no offsets, no disk artifacts. Affects every distro since 2017.
Read full analysis →
TeamPCP exploited a permissive npm OIDC trust policy to poison SAP's mbt and @cap-js packages, exfiltrating cloud and developer secrets to victim-owned GitHub repos. Here's the full attack chain and how to detect it.
Read full analysis →
Trojanized LiteLLM releases on PyPI enabled data exfiltration with Kubernetes persistence—here’s the full attack chain and how to check if you’re affected.
Read full analysis →
Axios npm package compromised—attackers hijacked the maintainer’s account and injected a phantom dependency that dropped a cross-platform RAT. Here’s the full attack chain.
Read full analysis →
Check Point found ChatGPT’s code sandbox could leak data via DNS. Separately, Codex’s branch name field allowed command injection to steal GitHub tokens.
Read full analysis →
A custom .NET RAT dubbed CTRL uses weaponized Windows shortcuts to hijack RDP sessions via FRP tunnels—here’s the full attack chain and how to defend against it.
Read full analysis →Page 1 of 3 • 18 articles
