
Overview

  • Apache Software Foundation
  • Apache HTTP Server

05 Dec 2025
Published
05 Dec 2025
Updated

CVSS
Pending
EPSS
0.16%

KEV

Description

Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server for CGI programs. This issue affects Apache HTTP Server from 2.4.0 through 2.4.65. Users are recommended to upgrade to version 2.4.66 which fixes the issue.

Statistics

  • 1 Post

Last activity: 3 hours ago

Fediverse


This Week in Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project.

Axios was created as a more developer-friendly JavaScript HTTP interface for Node.js, giving a promise-based API instead of the basic callback API. (Promise-based programming allows for simpler coding workflows, where a program can wait for a promise to be fulfilled, instead of the developer having to manage the state of every request manually.) JavaScript has since provided a modern Fetch API that provides similar functionality, but Axios remains one of the most popular packages on the Node.js NPM repository, with 100 million weekly downloads.

The lead developer of Axios believes he was compromised by a collaboration request – a common tactic for phishing specific targets: a project for an IDE like VS Code can include code that executes on the developer's system when the project is run. Even outside a traditional IDE, common development tools like configure scripts and makefiles can easily run commands.

Socket.dev breaks down the attack in detail. Once the attackers had credentials to publish Axios to NPM, they inserted malware as a new dependency of Axios, instead of modifying Axios itself. This likely helped the attack bypass other security checkers. The dependency – plain-crypto-js – is itself simply a copy of a popular encryption utility library, but one which executes additional code during the post-installation process available to all NPM packages.

Once triggered, the plain-crypto-js package installs platform specific malware for Windows, macOS, and Linux. Work has begun on decoding the obfuscated malware, but it appears to be a remote access tool (a RAT), a tool to allow the attackers direct remote access to any compromised system to steal credentials or install further malware like keyloggers or other data stealing tools. The full capabilities of the malware are difficult to ascertain, because it contained the ability to download and launch arbitrary binaries from a control server. Different victims may have received different payloads, based on other data found on the system, the country the system was in, and more.

Like other supply chain attacks, compromising the Axios project exposes several layers:

  1. Developer systems. Developers who built a package using Axios while the NPM repository was compromised have likely infected their own systems; systems with access to source code, publishing credentials, and other services.
  2. Build systems in the CI/CD pipeline. Continuous integration / continuous deployment systems automate building and releasing software, and have access to the source code, publishing credentials, and other private credentials for build tools and resources.
  3. The final product. By compromising the build process, the source to the released project could be modified invisibly during the build process.

The compromised packages were only available for a few hours before they were caught, but a naive guess from the 100 million weekly downloads means there could still have been millions of impacted builds, assuming around 500,000 downloads per hour.

A Good Day for AI


Researchers at Calif.io asked the Claude engine to find vulnerabilities in the Vim text editor – and it did. So they asked it to find a vulnerability in Emacs – and it did again (though it requires git to actually execute commands).

Both vulnerabilities result in commands being executed when a file is opened, which is a pretty significant result. In Vim, the command execution occurs through the ability to encode syntax and display settings via comments in the file being opened (/* vim .... */); typically these are sanitized to prevent command execution, but an exception has been found. In Emacs, git hooks, automatic scripts run by git based on events, are leveraged to run the commands.

Both vulnerabilities were validated by the Calif.io team before reporting them to the respective editor development teams; the Vim team has released a fix, and the Emacs team deferred the fix to the git maintainers.

Opinion of AI bug reports has been mixed to say the least among the Open Source community, with some projects outright closing vulnerability bug bounties due to floods of AI generated false reports. But this case feels appropriate – the AI was another tool used by bug hunters, and the results were confirmed as legitimate before the bugs were filed. If more AI discovered bugs were handled this way, the industry opinion of AI results would likely be higher.

Bad Days for Cisco and Salesforce


Seemingly tied to the compromise last week of the Trivy open source scanner, where attackers were able to replace the Trivy GitHub actions used by tens of thousands of projects for security scanning to gain access to CI/CD pipelines, Bleeping Computer reports that Cisco has had AWS keys and source code to products stolen.

Simultaneously, Cisco is having a bad time due to a compromise of Salesforce customer data by a prolific ransomware and data theft group behind similar breaches of Microsoft, Pluto TV, Mashable, AT&T, Jaguar, Qantas Airlines, and dozens of other high profile attacks. Independent of the Trivy compromise, they claim to have additional git repositories of Cisco source code, AWS buckets including customer and billing data, and more. How accurate these claims are remains to be seen, since ransomware groups often inflate the severity of their claims, obviously hoping for a greater payout.

If the attackers do have the source code to Cisco products, this could be the beginning of a long series of security issues. A common tactic after source code or internal bug database breaches is obviously to leverage the source code for faster remote bug finding, but to only use a single bug at a time. After weeks of continual security alerts and updates, many customers reach a point of exhaustion and begin to skip updates. A similar pattern happened following a breach of Oracle, resulting in a year-long situation with Java runtime environments with new exploits surfacing every time a patch closed the previous.

Gigabyte Vulnerability


The sky is blue, grass is green, and custom manufacturer tools for random motherboard features are often poorly written. Bleeping Computer also reports a flaw in the Gigabyte Control Center that allows overwriting arbitrary files.

Control Center is a piece of software installed by default on all Windows installs on Gigabyte laptops and can also be found on Windows desktops using Gigabyte motherboards. Control Center performs hardware monitoring, RGB light control, fan control, update management, and similar functions. It also supports remote pairing to manage multiple devices – and if remote pairing is enabled, CVE-2026-4415 allows writing to any file, which allows arbitrary execution of any code.

If you’ve got a Windows system with the Gigabyte tools, make sure to upgrade to the latest version as soon as possible! Bugs like these become much more serious when combined with other attacks – like router exploits or WiFi based attacks on public networks.

Securing GitHub Actions


With the record-breaking supply chain attacks, GitHub has announced they are accelerating their plans for securing repositories, actions, and publishing packages.

Directly from their blog post, GitHub recommends that all package maintainers should immediately:

  1. Use the CodeQL system to audit GitHub workflows. This will help automatically identify known exposures in your actions.
  2. Never allow a workflow to trigger on the ‘pull_request_target’. This prevents contributors from triggering actions with access to your GitHub secrets.
  3. Link to specific commit hashes of any external workflow actions. Actions can be imported from the GitHub Action Marketplace, typically by a tagged version – but recent attackers have been seen replacing release tags on actions. Linking to a specific commit hash stops version replacement attacks.
  4. Ensure you never merge a pull request with changes to the workflow. Workflows are stored in the repository under the ‘.github’ directory, and a malicious pull request could include changes to the workflow which steals the secret tokens.

Moving forwards, GitHub is expanding support of OpenID Connect (OIDC), a mechanism where GitHub and other providers like DockerHub and NPM can share authentication information without storing authentication tokens. While an OIDC configuration can’t prevent a compromised GitHub action, it should prevent harvesting authentication tokens which could be used directly against the packaging sites.

The GitHub Security Roadmap shows plans to harden the workflow system with locked dependencies, which has the goal of detecting and blocking unexpected changes to included actions. GitHub is also introducing immutable releases, which cannot be changed, even by removing the release tag and re-releasing it.

It’s nice to see what should be positive changes in how pipelines are run and packages are built, because the need for centrally managed packages certainly isn’t going away.

Apache Vulns hit macOS, Others


A handful (CVE-2025-55753, CVE-2025-58098, CVE-2025-59775, CVE-2025-65082, CVE-2025-66200) of vulnerabilities have been found in the Apache web server, ranging from manipulation of the user that launches CGI scripts, configuration of environment variables not being sanitized properly for CGI applications, and problems with the server-side include exec directives. None of these are world-melting bugs, but Apache is a very common web server, and is even included in standard macOS installations.

Node.js Bounty Program Paused


Finally, in an example of enormously bad timing, Node.js announces that they are suspending their bug bounty program due to a lack of funding. While security reports are still accepted, bounties are no longer offered.

Previously, the Node.js bug bounty program was funded by the Internet Bug Bounty, backed by Microsoft, Adobe, Meta, and other large Internet companies. As of March 27, 2026, the IBB announced it was closed to new project submissions, citing in part AI bug submissions overwhelming responders.

hackaday.com/2026/04/03/this-w…

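Two of the post's points lend themselves to an automated check: the plain-crypto-js dependency ran its payload from an npm install-time lifecycle script, and GitHub's recommendations 2 and 3 above (no pull_request_target trigger, pin actions to a commit SHA) can be linted for. The script below is an added example, not code from Hackaday, Socket.dev, GitHub or the Axios project. The two package.json manifests and the workflow file are constructed samples; the 40-hex "SHA" in the workflow is a placeholder, not a real commit, and the workflow check is line-based rather than a full YAML parse.

```python
import json
import os
import re

# npm lifecycle hooks that run for a dependency during `npm install`
# (prepare fires for git dependencies); a command in any of them executes
# on the installing machine, which is the channel the post describes.
INSTALL_HOOKS = ("preinstall", "install", "postinstall", "prepare")

# Constructed sample manifests for illustration; not the real axios or
# plain-crypto-js package.json files.
SAMPLE_MANIFESTS = {
    "node_modules/axios/package.json": json.dumps({
        "name": "axios",
        "version": "0.0.0-constructed",
        "dependencies": {"plain-crypto-js": "^1.0.0"},
    }),
    "node_modules/plain-crypto-js/package.json": json.dumps({
        "name": "plain-crypto-js",
        "version": "0.0.0-constructed",
        "scripts": {"postinstall": "node ./setup.js", "test": "mocha"},
    }),
}


def install_time_scripts(manifests):
    """Return {package name: {hook: command}} for every manifest that declares
    an install-time hook. A non-empty result is not proof of malice, but each
    entry, especially a dependency that appeared recently, deserves a look."""
    report = {}
    for path, text in manifests.items():
        manifest = json.loads(text)
        hooks = {hook: cmd for hook, cmd in manifest.get("scripts", {}).items()
                 if hook in INSTALL_HOOKS}
        if hooks:
            report[manifest.get("name", path)] = hooks
    return report


def load_manifests(project_root):
    """Collect every node_modules/**/package.json under project_root, as text."""
    found = {}
    for dirpath, _dirs, files in os.walk(os.path.join(project_root, "node_modules")):
        if "package.json" in files:
            path = os.path.join(dirpath, "package.json")
            with open(path, encoding="utf-8") as fh:
                found[path] = fh.read()
    return found


# Constructed sample workflow; the 40-hex SHA is a placeholder, not a real commit.
SAMPLE_WORKFLOW = """\
name: ci
on:
  pull_request_target:
    types: [opened, synchronize]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@0123456789abcdef0123456789abcdef01234567  # placeholder
      - uses: ./.github/actions/local-step
      - run: npm ci
"""

USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")
PRT_RE = re.compile(r"\bpull_request_target\b")


def audit_workflow(workflow_text):
    """Line-based check (not a full YAML parse) for two of the recommendations:
    a pull_request_target trigger, and marketplace actions not pinned to a
    full commit SHA. Returns a list of (line number, finding)."""
    findings = []
    for lineno, raw in enumerate(workflow_text.splitlines(), 1):
        line = raw.split("#", 1)[0]  # drop trailing comments
        if PRT_RE.search(line):
            findings.append((lineno, "pull_request_target trigger runs PR-driven jobs with repository secrets"))
        match = USES_RE.match(line)
        if not match:
            continue
        ref = match.group(1)
        if ref.startswith("./") or ref.startswith("docker://"):
            continue  # local path or image reference: no marketplace tag to replace
        _, _, version = ref.partition("@")
        if not FULL_SHA_RE.match(version):
            findings.append((lineno, f"{ref} is not pinned to a full commit SHA"))
    return findings


if __name__ == "__main__":
    print(install_time_scripts(SAMPLE_MANIFESTS))
    for lineno, finding in audit_workflow(SAMPLE_WORKFLOW):
        print(f"line {lineno}: {finding}")
```

On a real checkout, feed `load_manifests(".")` to `install_time_scripts` after an install, or avoid the hooks entirely with `npm ci --ignore-scripts` (some native packages genuinely need their install step, so expect to allow-list those). The workflow linter covers the two mechanical recommendations; auditing with CodeQL and refusing pull requests that touch `.github/` are review-process steps that no script replaces.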

Overview

  • GIGABYTE
  • Gigabyte Control Center

30 Mar 2026
Published
31 Mar 2026
Updated

CVSS v4.0
CRITICAL (9.2)
EPSS
0.37%

KEV

Description

Gigabyte Control Center developed by GIGABYTE has an Arbitrary File Write vulnerability. When the pairing feature is enabled, unauthenticated remote attackers can write arbitrary files to any location on the underlying operating system, leading to arbitrary code execution or privilege escalation.

Statistics

  • 1 Post

Last activity: 3 hours ago

Fediverse

This Week in Security: The Supply Chain Has Problems (hackaday.com/2026/04/03/this-w…), the same Hackaday post quoted in full above.

Overview

  • Apache Software Foundation
  • Apache HTTP Server

05 Dec 2025
Published
05 Dec 2025
Updated

CVSS
Pending
EPSS
0.06%

KEV

Description

Server-Side Request Forgery (SSRF) vulnerability in Apache HTTP Server on Windows with AllowEncodedSlashes On and MergeSlashes Off allows potentially leaking NTLM hashes to a malicious server via SSRF and malicious requests or content. Users are recommended to upgrade to version 2.4.66, which fixes the issue.
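Both Apache advisories on this page hinge on configuration: the first on config-set environment variables (SetEnv, SetEnvIf, PassEnv, RewriteRule's E= flag) colliding with the meta-variables the server computes for CGI programs, this one on the AllowEncodedSlashes On plus MergeSlashes Off pair. The audit below is an added example, not Apache's code or part of either advisory; it scans a constructed httpd.conf fragment, and the list of server-computed names is the RFC 3875 set plus common ones Apache adds. The scope scan is flat (it ignores VirtualHost and Directory blocks), so run it per scope on a real config.

```python
import re
import shlex

# CGI meta-variables the server computes per request: the RFC 3875 set plus
# common extras Apache sets; HTTP_* names are derived from request headers.
SERVER_COMPUTED = {
    "AUTH_TYPE", "CONTENT_LENGTH", "CONTENT_TYPE", "GATEWAY_INTERFACE",
    "PATH_INFO", "PATH_TRANSLATED", "QUERY_STRING", "REMOTE_ADDR",
    "REMOTE_HOST", "REMOTE_IDENT", "REMOTE_USER", "REQUEST_METHOD",
    "SCRIPT_NAME", "SERVER_NAME", "SERVER_PORT", "SERVER_PROTOCOL",
    "SERVER_SOFTWARE", "REQUEST_URI", "SCRIPT_FILENAME", "DOCUMENT_ROOT",
    "SERVER_ADDR", "SERVER_ADMIN", "REMOTE_PORT",
}
REWRITE_E_FLAG = re.compile(r"E=!?([A-Za-z_][A-Za-z0-9_]*)")

# Constructed httpd.conf fragment, not taken from any real deployment.
SAMPLE_HTTPD_CONF = """\
# constructed sample
ServerName www.example.test
AllowEncodedSlashes On
MergeSlashes Off
SetEnv APP_ENV production
SetEnvIf X-Forwarded-User "(.+)" REMOTE_USER=$1
RewriteEngine On
RewriteRule ^/cgi-bin/(.*)$ - [E=PATH_INFO:/$1,E=TRACE_ID:cgi]
PassEnv TZ
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
"""


def _tokens(line):
    """Split one config line Apache-style; '#' only starts a comment at line start."""
    stripped = line.strip()
    if not stripped or stripped.startswith("#"):
        return []
    try:
        return shlex.split(stripped)
    except ValueError:  # unbalanced quote, e.g. inside a regex
        return stripped.split()


def _assigned_names(tokens):
    """Environment variable names a directive assigns (config-set variables)."""
    directive = tokens[0].lower()
    if directive == "setenv":
        return tokens[1:2]
    if directive == "passenv":
        return tokens[1:]
    if directive in ("setenvif", "setenvifnocase"):
        names = tokens[3:]          # SetEnvIf attribute regex [!]name[=value]...
    elif directive in ("setenvifexpr", "browsermatch", "browsermatchnocase"):
        names = tokens[2:]          # SetEnvIfExpr expr [!]name[=value]...
    elif directive == "rewriterule" and len(tokens) > 3:
        return REWRITE_E_FLAG.findall(tokens[3])   # [E=name:value,...] flags
    else:
        return []
    return [n.lstrip("!").split("=", 1)[0] for n in names]


def is_server_computed(name):
    name = name.upper()
    return name in SERVER_COMPUTED or name.startswith("HTTP_")


def config_env_collisions(conf_text):
    """(line, directive, variable) for each config-set variable that shares a
    name with one the server computes for CGI programs. On 2.4.0 through 2.4.65
    the config value can win; 2.4.66 fixes the precedence, but the directive is
    still worth questioning."""
    findings = []
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        tokens = _tokens(line)
        if not tokens:
            continue
        for name in _assigned_names(tokens):
            if is_server_computed(name):
                findings.append((lineno, tokens[0], name.upper()))
    return findings


def encoded_slash_ssrf_preconditions(conf_text):
    """True if the fragment ends up with AllowEncodedSlashes On and MergeSlashes
    Off, the directive pair named in the Windows SSRF advisory. Flat scan: it
    does not track <VirtualHost> or <Directory> scopes."""
    allow, merge = "off", "on"      # Apache defaults
    for line in conf_text.splitlines():
        tokens = _tokens(line)
        if len(tokens) == 2 and tokens[0].lower() == "allowencodedslashes":
            allow = tokens[1].lower()
        elif len(tokens) == 2 and tokens[0].lower() == "mergeslashes":
            merge = tokens[1].lower()
    return allow == "on" and merge == "off"


if __name__ == "__main__":
    for lineno, directive, name in config_env_collisions(SAMPLE_HTTPD_CONF):
        print(f"line {lineno}: {directive} assigns server-computed {name}")
    print("SSRF precondition pair present:", encoded_slash_ssrf_preconditions(SAMPLE_HTTPD_CONF))
```

The SetEnvIf line in the sample is the kind of finding to care about: it derives REMOTE_USER from a request header an attacker can send, so on an affected build the CGI program sees whatever the client claims. The SSRF check only tells you the Windows precondition is met; the fix is the 2.4.66 upgrade, with MergeSlashes On or AllowEncodedSlashes Off as an interim mitigation where the application can tolerate it.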

Statistics

  • 1 Post

Last activity: 3 hours ago

Fediverse

Profile picture fallback

This Week in Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project.

Axios was created as a more developer-friendly Javascript HTTP interface for node.js, giving a promise-based API instead of the basic callback API. (Promise-based programming allows for simpler coding workflows, where a program can wait for a promise to be fulfilled, instead of the developer having to manage the state of every request manually.) Javascript has since provided a modern Fetch API that provides similar functionality, but Axios remains one of the most popular packages on the node.js NPM repository, with 100 million weekly downloads.

The lead developer of Axios believes he was compromised by a collaboration request – a common tactic for phishing specific targets: a project for an IDE like VS Code can include code that executes on the developers system when the project is run. Even outside a traditional IDE, common development tools like configure scripts and makefiles can easily run commands.

Socket.dev breaks down the attack in detail. Once the attackers had credentials to publish to the Axios NPM, they inserted malware as a new dependency to Axios, instead of modifying Axios itself. This likely helped the attack bypass other security checkers. The dependency – plain-crypto-js – is itself simply a copy of a popular encryption utility library, but one which executes additional code during the post-installation process available to all NPM packages.

Once triggered, the plain-crypto-js package installs platform specific malware for Windows, macOS, and Linux. Work has begun on decoding the obfuscated malware, but it appears to be a remote access tool (a RAT), a tool to allow the attackers direct remote access to any compromised system to steal credentials or install further malware like keyloggers or other data stealing tools. The full capabilities of the malware are difficult to ascertain, because it contained the ability to download and launch arbitrary binaries from a control server. Different victims may have received different payloads, based on other data found on the system, the country the system was in, and more.

Like other supply chain attacks, compromising the Axios project exposes several layers:

  1. Developer systems. Developers who built a package using Axios while the NPM repository was compromised have likely infected their own systems; systems with access to source code, publishing credentials, and other services.
  2. Build systems in the CI/CD pipeline. Continual integration / continual deployment systems automate building and releasing software, and have access to the source code, publishing credentials, and other private credentials for build tools and resources.
  3. The final product. By compromising the build process, the source to the released project could be modified invisibly during the build process.

The compromised packages were only available for a few hours before they were caught, but a naive guess from the 100 million weekly downloads means there could still have been millions of impacted builds, assuming around 500,000 downloads per hour.

A Good Day for AI


Researchers at Calif.io asked the Claude engine to find vulnerabilities in the Vim text editor – and it did. So they asked it to find a vulnerability in Emacs – and it did again (though it requires git to actually execute commands).

Both vulnerabilities result in commands being executed when a file is opened, which is a pretty significant result. In Vim, the command execution occurs through the ability to encode syntax and display settings via comments in the file being opened (/* vim .... */); typically these are sanitized to prevent command execution but an exception has been found. In Emacs, git hook, automatic scripts run by git based on events, is leveraged to run the commands.

Both vulnerabilities were validated by the Calif.io team before reporting them to the respective editor development teams; the Vim team has released a fix, and the Emacs team deferred the fix to the git maintainers.

Opinion of AI bug reports has been mixed to say the least among the Open Source community, with some projects outright closing vulnerability bug bounties due to floods of AI generated false reports. But this case feels appropriate – the AI was another tool used by bug hunters, and the results were confirmed as legitimate before the bugs were filed. If more AI discovered bugs were handled this way, the industry opinion of AI results would likely be higher.

Bad Days for Cisco and Salesforce


Seemingly tied to the compromise last week of the Trivy open source scanner, where attackers were able to replace the Trivy GitHub actions used by tens of thousands of projects for security scanning to gain access to CI/CD pipelines, Bleeping Computer reports that Cisco has had AWS keys and source code to products stolen.

Simultaneously, Cisco is having a bad time due to a compromise of Salesforce customer data by a prolific ransomware and data theft group behind similar breaches of Microsoft, Pluto TV, Mashable, AT&T, Jaguar, Qantas Airlines, and dozens of other high profile attacks. Independent of the Trivy compromise, they claim to have additional git repositories of Cisco source code, AWS buckets including customer and billing data, and more. How accurate these claims are remains to be seen, since ransomware groups often inflate the severity of their claims, obviously hoping for a greater payout.

If the attackers do have the source code to Cisco products, this could be the beginning of a long series of security issues. A common tactic after source code or internal bug database breaches is obviously to leverage the source code for faster remote bug finding, but to only use a single bug at a time. After weeks of continual security alerts and updates, many customers reach a point of exhaustion and begin to skip updates. A similar pattern happened following a breach of Oracle, resulting in a year-long situation with Java runtime environments with new exploits surfacing every time a patch closed the previous.

Gigabtye Vulnerability


The sky is blue, grass is green, and custom manufacturer tools for random motherboard features are often poorly written. Bleeping Computer also reports an flaw in the Gigabyte Control Center that allows overwriting arbitrary files.

Control Center is a piece of software installed by default on all Windows installs on Gigabyte laptops and can also be found on Windows desktops using Gigabyte motherboards. Control Center performs hardware monitoring, RGB light control, fan control, update management, and similar functions. It also supports remote pairing to manage multiple devices – and if remote pairing is enabled, CVE-2026-4415 allows writing to any file, which allows arbitrary execution of any code.

If you’ve got a Windows system with the Gigabyte tools, make sure to upgrade to the latest version as soon as possible! Bugs like these become much more serious when combined with other attacks – like router exploits or WiFi based attacks on public networks.

Securing GitHub Actions


With the record-breaking supply chain attacks, GitHub has announced they are accelerating their plans for securing repositories, actions, and publishing packages.

Directly from their blog post, GitHub recommends that all package maintainers should immediately:

  1. Use the CodeQL system to audit GitHub workflows. This will help automatically identify known exposures in your actions.
  2. Never allow a workflow to trigger on the ‘pull_request_target’. This prevents contributors from triggering actions with access to your GitHub secrets.
  3. Link to specific commit hashes of any external workflow actions. Actions can be imported from the GitHub Action Marketplace, typically by a tagged version – but recent attackers have been seen replacing release tags on actions. Linking to a specific commit hash stops version replacement attacks.
  4. Ensure you never merge a pull request with changes to the workflow. Workflows are stored in the repository under the ‘.github’ directory, and a malicious pull request could include changes to the workflow which steals the secret tokens.

Moving forwards, GitHub is expanding support of OpenID Connect (OIDC), a mechanism where GitHub and other providers like DockerHub and NPM can share authentication information without storing authentication tokens. While an OIDC configuration can’t prevent a compromised GitHub action, it should prevent harvesting authentication tokens which could be used directly against the packaging sites.

The GitHub Security Roadmap shows plans to harden the workflow system with locked dependencies, which has the goal of detecting and blocking unexpected changes to included actions. GitHub is also introducing immutable releases, which cannot be changed, even by removing the release tag and re-releasing it.

It’s nice to see what should be positive changes in how pipelines are run and packages are built, because the need for centrally managed packages certainly isn’t going away.

Apache Vuls hit macOS, Others


A handful (CVE-2025-55753, CVE-2025-58098, CVE-2025-59775, CVE-2025-65082, CVE-2025-66200) of vulnerabilities have been found in the Apache web server, ranging from manipulation of the user that launches CGI scripts, configuration of environment variables not being sanitized properly for CGI applications, and problems with the server-side include exec directives. None of these are world-melting bugs, but Apache is a very common web server, and is even included in standard macOS installations.

Node.js Bounty Program Paused


Finally, in an example of enormously bad timing, Node.js has announced that it is suspending its bug bounty program due to a lack of funding. While security reports are still accepted, bounties are no longer offered.

Previously, the Node.js bug bounty program was funded by the Internet Bug Bounty (IBB), backed by Microsoft, Adobe, Meta, and other large Internet companies. As of March 27, 2026, the IBB announced it was closed to new project submissions, citing in part AI-generated bug submissions overwhelming responders.

hackaday.com/2026/04/03/this-w…


Overview

  • Apache Software Foundation
  • Apache HTTP Server

05 Dec 2025
Published
05 Dec 2025
Updated

CVSS
Pending
EPSS
0.07%

KEV

Description

An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures (~30 days in default configurations), to the backoff timer becoming 0. Attempts to renew the certificate then are repeated without delays until it succeeds. This issue affects Apache HTTP Server: from 2.4.30 before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue.

Statistics

  • 1 Post

Last activity: 3 hours ago


Overview

  • Apache Software Foundation
  • Apache HTTP Server

05 Dec 2025
Published
05 Dec 2025
Updated

CVSS
Pending
EPSS
0.06%

KEV

Description

mod_userdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid. This issue affects Apache HTTP Server: from 2.4.7 through 2.4.65. Users are recommended to upgrade to version 2.4.66, which fixes the issue.

Statistics

  • 1 Post

Last activity: 3 hours ago


Overview

  • Apache Software Foundation
  • Apache HTTP Server

05 Dec 2025
Published
26 Feb 2026
Updated

CVSS
Pending
EPSS
0.03%

KEV

Description

Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but not mod_cgi) passes the shell-escaped query string to #exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue.

Statistics

  • 1 Post

Last activity: 3 hours ago
