ๅ‰ฃ KENSAI
โ˜ฐ
โ† Back to archive

๐Ÿ›ก๏ธ Daily Security Research Brief

Wednesday, April 1, 2026 โ€” 04:00 CEST
โšก TL;DR: Axios npm supply chain attack delivers cross-platform RATs (100M+ weekly downloads affected). Cisco breached via Trivy supply chain compromise โ€” source code for AI products and customer repos stolen. TrueConf zero-day (CVE-2026-3502) exploited by Chinese-nexus actor against SE Asian governments. Claude AI discovers RCE bugs in Vim and Emacs. Citrix NetScaler critical flaw under active exploitation. Google shows quantum crypto-breaking needs 20ร— fewer qubits.

๐Ÿ”ด Supply Chain Attacks

Axios npm Package Compromised โ€” Cross-Platform RAT Deployed

Critical supply-chain npm rat

The Axios HTTP client (100M+ weekly downloads) suffered a targeted supply chain attack. Attacker compromised maintainer Jason Saayman's npm account and published malicious versions 1.14.1 and 0.30.4 injecting a fake dependency plain-crypto-js that delivers platform-specific RATs to Windows, macOS, and Linux.

  • Malicious dependency was staged 18 hours in advance โ€” this was premeditated
  • RAT supports shell command execution, directory enumeration, and base64-encoded binary payloads
  • Dropper self-destructs and replaces package.json with clean copy to hinder forensics
  • Published without OIDC package origin, no matching GitHub commit

Action: Check lockfiles for axios@1.14.1 or axios@0.30.4 immediately. Pin to known-good versions. Audit CI/CD for unexpected dependency changes.

The Hacker News ยท BleepingComputer

Cisco Breached via Trivy Supply Chain Attack โ€” Source Code Stolen

Critical supply-chain breach TeamPCP

Cisco's internal development environment was breached using credentials stolen from the Trivy vulnerability scanner supply chain attack. Threat actors cloned 300+ GitHub repositories including source code for AI Assistants, AI Defense, and unreleased products.

  • Multiple AWS keys stolen and used for unauthorized activities across Cisco AWS accounts
  • Stolen repos include code belonging to banks, BPOs, and US government agencies
  • Multiple threat actors involved with varying activity levels
  • Attack attributed to TeamPCP threat group โ€” same actors behind Trivy, LiteLLM, and Checkmarx compromises
  • Cisco has isolated affected systems and begun credential rotation

BleepingComputer

๐ŸŽฏ Active Exploitation & Zero-Days

TrueConf Zero-Day (CVE-2026-3502) Exploited Against SE Asian Governments

High โ€” CVSS 7.8 zero-day apt china-nexus

A zero-day in TrueConf video conferencing client was exploited in the wild in a campaign dubbed TrueChaos targeting government entities in Southeast Asia. The flaw allows attackers who control an on-premises TrueConf server to distribute tampered updates to all connected endpoints.

  • Exploited to deploy Havoc C2 framework via DLL side-loading
  • Attributed with moderate confidence to a Chinese-nexus threat actor
  • Uses Alibaba Cloud and Tencent infrastructure for C2
  • Same victims targeted with ShadowPad in the same timeframe
  • Patched in TrueConf Windows client version 8.5.3

The Hacker News ยท Check Point Research

Citrix NetScaler Critical Flaw (CVE-2026-3055) Under Active Exploitation

Critical โ€” CVSS 9.3 active-exploitation citrix

A critical vulnerability in Citrix NetScaler ADC and NetScaler Gateway is being actively exploited since March 27. The flaw involves insufficient input validation leading to memory overread, leaking potentially sensitive information. Exploitation requires the appliance to be configured as a SAML Identity Provider.

Action: Patch immediately. Check SAML IDP configurations for indicators of compromise.

The Hacker News Weekly Recap

Fortinet FortiClient EMS SQL Injection โ€” Exploitation Begins

Critical active-exploitation fortinet

A critical SQL injection vulnerability in Fortinet FortiClient EMS allows unauthenticated attackers to execute arbitrary code remotely via crafted HTTP requests. Exploitation has been observed in the wild.

SecurityWeek

๐Ÿ”ฌ Vulnerabilities & CVEs

Vim & Emacs RCE Bugs Discovered by Claude AI

High rce ai-discovered vim emacs

Researcher Hung Nguyen used Claude to discover RCE vulnerabilities in both Vim and GNU Emacs triggered simply by opening a file.

  • Vim: Modeline handling bypass allows sandbox escape and arbitrary command execution. Affects all versions โ‰ค9.2.0271. Patched in 9.2.0272.
  • Emacs: vc-git integration reads attacker-controlled .git/config and executes core.fsmonitor programs. Emacs maintainers consider this Git's responsibility โ€” unpatched.

BleepingComputer ยท Calif Blog

GIGABYTE Control Center โ€” Arbitrary File Write Flaw

High arbitrary-write gigabyte

GIGABYTE Control Center is vulnerable to an arbitrary file-write flaw allowing remote, unauthenticated attackers to access files on vulnerable hosts.

BleepingComputer

StrongSwan Integer Underflow โ€” VPN Crash (15 Years of Releases)

High vpn dos

A remotely exploitable integer underflow vulnerability in StrongSwan allows unauthenticated attackers to crash VPN connections. The flaw spans 15 years of releases.

SecurityWeek

Vertex AI Permission Model Abuse โ€” Google Cloud Data Exposure

High cloud google ai

Palo Alto Unit 42 disclosed a security blind spot in Google Cloud's Vertex AI platform where AI agents can be weaponized to gain unauthorized access to sensitive data and compromise cloud environments through permission model misuse.

The Hacker News

CrewAI Vulnerabilities โ€” Sandbox Escape via Prompt Injection

High ai-agents sandbox-escape

Vulnerabilities in the CrewAI framework allow attackers to exploit prompt injection to chain bugs together, escape the sandbox, and execute arbitrary code on host devices.

SecurityWeek

OpenAI Codex / ChatGPT Vulnerabilities Patched

High openai data-exfiltration

OpenAI patched two vulnerabilities: a ChatGPT data exfiltration flaw allowing covert extraction of conversation data via a single malicious prompt, and a Codex vulnerability enabling GitHub token compromise.

The Hacker News ยท SecurityWeek

๐Ÿ“Š Data Breaches & Incidents

Lloyds Banking Group โ€” 450,000 Users' Transactions Exposed

High breach banking

A faulty software update at Lloyds Banking Group led to mobile banking users' transaction data being exposed to other users of the application, impacting approximately 450,000 individuals.

SecurityWeek

CareCloud Healthcare Platform โ€” Potential Data Breach

Medium healthcare breach

Healthcare IT platform CareCloud disclosed a cybersecurity incident involving one of its electronic health record environments. Investigation is ongoing.

SecurityWeek

Anthropic Claude Code Source Leak

Medium leak ai

Anthropic accidentally leaked the source code for Claude Code (closed source) via an npm package. The company says no customer data or credentials were exposed.

BleepingComputer

๐Ÿฆ  Malware & Threat Actors

Silver Fox / AtlasCross RAT Campaign โ€” Asia-Wide Typosquatting

apt rat typosquatting

Chinese cybercrime group Silver Fox is running an active campaign using 11+ typosquatted domains impersonating Surfshark VPN, Signal, Telegram, Zoom, Microsoft Teams, and others to deliver the newly documented AtlasCross RAT. This represents an evolution from their previous Gh0st RAT derivatives.

The Hacker News

Venom Stealer โ€” Continuous Credential Harvesting

infostealer maas

Venom Stealer, a licensed malware-as-a-service with built-in persistence and automation, enables attackers to continuously siphon credentials, session data, and cryptocurrency assets from compromised systems.

SecurityWeek

TeamPCP Moves from OSS to AWS Environments

cloud aws lateral-movement

After validating stolen credentials using TruffleHog, the TeamPCP hacking group has been observed starting AWS services enumeration and lateral movement activities โ€” expanding from open-source supply chain attacks into cloud infrastructure compromise.

SecurityWeek

๐Ÿ“ก Emerging Trends

AI Agent Security Becomes a Critical Concern

Multiple stories this cycle highlight the growing attack surface around AI agents:

  • CrewAI sandbox escape via prompt injection chains
  • Vertex AI permission abuse for cloud data access
  • OpenAI Codex GitHub token compromise
  • LLMs silently breaking access control โ€” writing Rego/Cedar policies with missing conditions
  • Growing consensus that AI agents need zero-trust verification, not implicit trust

Supply Chain Attack Industrialization

The TeamPCP group's simultaneous compromise of Trivy, LiteLLM, Checkmarx, and now Axios demonstrates supply chain attacks are being industrialized at scale. Key pattern: compromise maintainer accounts โ†’ inject dependencies โ†’ steal CI/CD credentials โ†’ pivot to cloud infrastructure.

Quantum Computing Threat Acceleration

Google researchers demonstrated that breaking Bitcoin and Ethereum encryption requires 20ร— fewer qubits than previously estimated. While not immediately practical, this significantly accelerates the timeline for post-quantum cryptography migration urgency.

SecurityWeek

๐Ÿ› ๏ธ Tools & Releases

Proton Meet โ€” Privacy-Focused Video Conferencing

Proton launched Meet, a privacy-focused video conferencing platform positioned as an alternative to Google Meet, Zoom, and Microsoft Teams. End-to-end encrypted by default.

BleepingComputer

Censys Raises $70M for Internet Intelligence Platform

Censys raised $70M (total: $149M) to expand its internet intelligence platform for attack surface management and threat hunting.

SecurityWeek