Cisco Source Code Stolen via Trivy Supply Chain Attack, AI-Discovered Vim & Emacs RCE Zero-Days, GIGABYTE Critical Flaw CVE-2026-4415, Venom Stealer Persistence
Cisco suffers massive breach after Trivy supply chain compromise exposes 300+ repositories including AI product source code and customer data. Claude AI discovers zero-click RCE vulnerabilities in Vim and Emacs. GIGABYTE Control Center critical flaw scores 9.2 CVSS. Venom Stealer introduces persistent credential harvesting. Google slashes quantum requirements for breaking cryptocurrency encryption by 20x.
🔴 Cisco Breached Through Trivy Supply Chain — 300+ Repos Stolen
Cisco has confirmed a significant breach of its internal development environment, stemming directly from the ongoing Trivy vulnerability scanner supply chain attack. Threat actors leveraged stolen credentials from the compromised Trivy GitHub Actions pipeline to infiltrate Cisco's build and development infrastructure.
⚠️ Critical Impact
Over 300 GitHub repositories were cloned during the incident, including source code for Cisco's AI-powered products — AI Assistants, AI Defense, and unreleased products. A portion of the stolen repositories reportedly belongs to corporate customers, including banks, BPOs, and US government agencies.
Attack Chain
- Entry vector: Malicious GitHub Action plugin from the Trivy compromise delivered credential-stealing malware
- Lateral movement: Stolen AWS keys used to perform unauthorized activities across Cisco AWS accounts
- Scope: Dozens of developer and lab workstations impacted
- Attribution: Linked to the TeamPCP threat group, responsible for a series of supply chain attacks targeting GitHub, PyPI, NPM, and Docker
- Ongoing risk: Continued fallout expected from follow-on LiteLLM and Checkmarx supply chain attacks
Cisco has isolated affected systems, begun reimaging them, and is performing wide-scale credential rotation. Multiple threat actors are believed to have been involved with varying degrees of activity.
Defender Action Items
- Audit all CI/CD pipelines for Trivy, LiteLLM, and Checkmarx KICS dependencies
- Rotate all credentials that may have been exposed through GitHub Actions workflows
- Review AWS CloudTrail logs for unauthorized API calls from unknown principals
- Pin GitHub Actions to specific commit SHAs, not tags
🧠 Claude AI Discovers RCE Zero-Days in Vim and Emacs
In a striking demonstration of AI-powered vulnerability research, security researcher Hung Nguyen from Calif used Anthropic's Claude to discover remote code execution vulnerabilities in both Vim and GNU Emacs — two of the most widely deployed text editors in the Linux ecosystem.
Vim: File-Open RCE (Patched)
- Trigger: Opening a specially crafted file containing malicious modeline instructions
- Root cause: Missing security checks in modeline handling combined with sandbox bypass
- Impact: Arbitrary command execution with the privileges of the user running Vim
- Affected: All versions of Vim ≤ 9.2.0271
- Fix: Upgrade to Vim 9.2.0272 immediately
GNU Emacs: vc-git RCE (Unpatched)
- Trigger: Opening a file in a directory containing a malicious
.git/configwith a craftedcore.fsmonitorentry - Root cause: Emacs' version control integration automatically runs Git operations without neutralizing dangerous configuration options
- Status: Unpatched — GNU Emacs maintainers consider this a Git responsibility
- Mitigation: Exercise extreme caution when opening files from untrusted sources or downloaded archives
🔍 AI Vulnerability Discovery Implications
This marks another milestone in AI-assisted security research. Claude not only identified the vulnerabilities but also created multiple PoC exploits and provided remediation suggestions — tasks that traditionally require deep manual code auditing expertise.
🔴 GIGABYTE Control Center Critical Flaw — CVE-2026-4415 (CVSS 9.2)
A critical arbitrary file-write vulnerability in GIGABYTE Control Center (GCC) allows remote, unauthenticated attackers to write files to any location on the operating system, leading to code execution, privilege escalation, or denial of service.
| Detail | Information |
|---|---|
| CVE | CVE-2026-4415 |
| CVSS v4.0 | 9.2 (Critical) |
| Affected | GCC versions ≤ 25.07.21.01 with pairing enabled |
| Fix | Upgrade to GCC 25.12.10.01 |
| Discoverer | David Sprüngli, SilentGrid |
GCC comes pre-installed on all GIGABYTE laptops and motherboards, making this a wide-exposure issue. The vulnerability exists in the "pairing" feature that allows the tool to communicate with other devices over the network. Organizations should download the latest version exclusively from GIGABYTE's official software portal.
🕷️ Venom Stealer: Continuous Credential Harvesting at Scale
Security researchers have flagged Venom Stealer, a licensed malware-as-a-service platform that introduces a dangerous evolution in info-stealing: continuous credential harvesting with built-in persistence and automation.
Unlike traditional stealers that perform a one-time grab-and-exfiltrate, Venom Stealer maintains persistent access to compromised systems, continuously siphoning:
- Browser-stored credentials and session cookies
- Cryptocurrency wallet data and private keys
- Application tokens and API keys
- Clipboard monitoring for sensitive data
The MaaS licensing model lowers the barrier for less sophisticated attackers, enabling widespread deployment without requiring deep technical knowledge.
⚛️ Google Slashes Quantum Requirements for Breaking Crypto Encryption by 20x
Google researchers have published findings showing that breaking the encryption underpinning Bitcoin and Ethereum requires 20 times fewer quantum computing qubits than previously estimated. While practical quantum attacks on cryptocurrency remain years away, the research dramatically accelerates the timeline.
Why it matters: Organizations relying on elliptic curve cryptography (ECC) for blockchain, PKI, or secure communications should be accelerating their post-quantum cryptography migration planning. NIST's post-quantum standards (ML-KEM, ML-DSA) finalized in 2024 are ready for adoption.
📋 Quick Hits
- CrewAI Sandbox Escape: Vulnerabilities in the CrewAI AI agent framework allow attackers to chain prompt injection with sandbox escape to execute arbitrary code on host systems
- OpenAI Codex GitHub Token Compromise: A critical vulnerability in OpenAI Codex could have been exploited to compromise GitHub tokens, now patched
- Lloyds Banking Data Breach: A faulty software update exposed 450,000 mobile banking users' transactions to other application users
- StrongSwan VPN Integer Underflow: A remotely exploitable flaw impacts StrongSwan releases spanning 15 years, allowing unauthenticated attackers to crash VPN gateways
- Android Developer Verification: Google begins mandatory developer verification ahead of September enforcement in Brazil, Indonesia, Singapore, and Thailand
🛡️ Recommended Actions
- Supply chain audit: Review all CI/CD dependencies for Trivy, LiteLLM, Checkmarx, and Axios npm packages — rotate any potentially exposed credentials
- Patch Vim immediately: Upgrade to version 9.2.0272 to close the file-open RCE
- Update GIGABYTE Control Center: Upgrade to GCC 25.12.10.01 and disable pairing if not needed
- Monitor for Venom Stealer IOCs: Check endpoint detection for continuous exfiltration patterns and persistent info-stealer activity
- Post-quantum planning: Begin evaluating NIST post-quantum standards for cryptographic migration
- AI agent security: Audit CrewAI and similar AI agent framework deployments for prompt injection exposure