devtake.dev
AI Security Hardware Open Source Policy Apple

#supply-chain

RSS

Supply-chain attacks, typosquatting, dependency compromises, and the ecosystem response.

Related: #security · 22 #credential-theft · 14 #ai-security · 7 #dev-tools · 6 #github · 6 #npm · 6 #rce · 6 #anthropic · 4 #china · 4 #malware · 4
Canonical Ubuntu logo on the canonical.com homepage, illustrating the company affected by the May 2026 DDoS attack.
Security·

A DDoS knocked Ubuntu's update servers offline. The Copy Fail patch landed in the same 24-hour window.

The 313 Team flooded Canonical's infrastructure starting May 1, blocking apt updates and the Ubuntu security API just as admins needed both.

Lightning AI logo on a dark background, illustrating the PyPI supply chain compromise of the lightning Python package.
Security·

Mini Shai-Hulud hit PyTorch Lightning. The 11.6M-download PyPI package shipped a credential stealer.

Two malicious lightning releases hit PyPI on April 30. The 42-minute window was enough to ship an RSA-encrypted infostealer to ML developers worldwide.

WatchTowr Labs disclosure illustration for the cPanel and WHM authentication bypass CVE-2026-41940
Security·

70 million domains had a no-password root bypass. cPanel rushed an emergency patch.

cPanel shipped fixes April 28 for a CVSS 9.8 auth bypass that walks attackers into shared-hosting panels with no password. WatchTowr says exploitation started before the patch.

The Copy Fail launch graphic showing a stylized terminal prompt and the title text on a dark background.
Security·

'Copy Fail' lets a 732-byte script grab root on Ubuntu, RHEL, and SUSE. Patched April 29.

CVE-2026-31431 chains AF_ALG and splice() to write into the page cache of /usr/bin/su. Xint Code disclosed it on April 29, nine years after the bug shipped.

GitHub branding image used by Wiz Research in their CVE-2026-3854 writeup.
Security·

Wiz found an RCE in GitHub's git-push pipeline. The patch shipped in six hours.

CVE-2026-3854 is a CVSS 8.7 RCE in GitHub's git-push pipeline. github.com fixed it within hours. 88% of Enterprise Server installs were still vulnerable at disclosure.

Socket security research card promoting the CanisterWorm Namastex compromise analysis.
Security·

Another npm worm: CanisterWorm hits 16 Namastex packages and reaches PyPI on the same hop

Socket flagged a self-propagating worm in @automagik/genie, pgserve, and 14 sibling Namastex Labs packages. It steals 40 credential categories and republishes itself.

A malicious GGUF file owns your SGLang server: CVE-2026-5760 is an unpatched 9.8
Security·

A malicious GGUF file owns your SGLang server: CVE-2026-5760 is an unpatched 9.8

SGLang's reranker renders chat templates without a sandbox. Load a hostile GGUF, hit /v1/rerank, and the attacker has Python on your inference box. No patch yet.

Anthropic Project Glasswing branding from Anthropic's news page.
AI·

A Discord group guessed Anthropic's URL pattern and walked into Claude Mythos

Bloomberg reports a small group accessed Anthropic's locked-down Mythos model the same day it launched, using credentials from a third-party contractor and educated URL guessing.

Aikido Security illustration of the GPT-Proxy backdoor.
Security·

Malicious npm and PyPI packages turn dev servers into Chinese LLM proxies

Aikido found a stage-2 Go binary inside two health-check-themed packages that runs an OpenAI-compatible router routing Claude, GPT, and Gemini traffic through Chinese aggregators.

Bitwarden CLI compromised by the Shai-Hulud npm worm
Security·

Bitwarden CLI got backdoored for 90 minutes. The worm calls itself 'Shai-Hulud: The Third Coming.'

A malicious @bitwarden/cli@2026.4.0 hit npm on April 22. The payload steals npm tokens, cloud secrets, and Claude Code credentials, then self-replicates.

Microsoft .NET blog post image for the 10.0.7 out-of-band security update
Security·

Microsoft rushed an out-of-band ASP.NET Core patch. If you shipped between April 14 and April 21, you need to rebuild.

CVE-2026-40372 lets attackers forge auth cookies on .NET 10.0.6 apps on Linux and macOS. The fix is 10.0.7. Here's what broke, who's exposed, and how to patch.

GitHub social card for the protobufjs/protobuf.js repository.
Security·

protobuf.js RCE: a 52M/week npm package was one bad type name from code execution

GHSA-xq3m-2v4x-88gg hits protobuf.js ≤8.0.0 / ≤7.5.4. Attacker-controlled schemas executed arbitrary JS on decode. One-line fix patched it.

GitHub OG card for the StarScout research repository from Carnegie Mellon
Open Source·

Inside GitHub's fake star economy: 6 million bought stars and how to spot them

A Carnegie Mellon study counted 6 million suspected fake stars across 18,617 GitHub repos. Here's what the StarScout research actually found and how to read a star count now.

Vercel logo displayed on the company's security incident bulletin page
Security·

Vercel got breached through a third-party AI tool's OAuth app. Here's what leaked.

A Context.ai compromise let attackers take over a Vercel employee's Google Workspace. Non-sensitive env vars were exposed, and a ShinyHunters persona is asking $2M.

Trivy logo, the open-source vulnerability scanner from Aqua Security
Security·

Trivy got hijacked: 75 of 76 version tags rewrote to drop a CI secret-stealer

Attackers force-pushed 75 of 76 trivy-action tags to a malicious commit. Pinning by tag turned a trusted scanner into an infostealer for CI pipelines.