Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
Fake Installers to Monero: A Multi-Tool Mining Operation
Elastic Security Labs documents REF1695, a financially motivated operation active since late 2023 deploying RATs (PureRAT, CNB Bot), cryptominers (XMRig, PureMiner, SilentCryptoMiner), and CPA fraud through fake installer ISO packages. The operator uses consistent Themida/WinLicense + .NET Reactor packing, overlapping C2 infrastructure, and social engineering lures to bypass SmartScreen, with tracked Monero payouts exceeding 27.88 XMR across four wallets. The report documents previously unreported CNB Bot (.NET implant with RSA-2048 task authentication), custom XMRig loaders with evasion timers that kill miners when analysis tools are detected, and SilentCryptoMiner's use of direct syscalls and parent process spoofing for injection.
Axios npm package compromised to deploy malware
On March 30, 2026, the Axios npm package (versions 1.14.1 and 0.30.4) was compromised via maintainer account takeover, injecting a malicious dependency that deploys a cross-platform RAT during installation. The attack is attributed to NICKEL GLADSTONE, a North Korean state-sponsored group, based on forensic metadata, C2 patterns, and malware signatures. The malware executes on Windows, macOS, and Linux systems, communicates with C2 infrastructure, and attempts to evade detection by removing artifacts and replacing package metadata.
The Real Risk of Vibecoding
Trend Micro research examines how AI-driven code generation ("vibecoding") accelerates software development while outpacing traditional security review, governance, and ownership models. The analysis identifies that rapid AI-generated code introduces unintended dependencies, risky defaults, weak secret handling, and fragmented accountability—not because AI writes insecure code, but because the volume and speed of change overwhelm existing security controls.
Axios NPM Package Compromised: Supply Chain Attack Hits JavaScript HTTP Client with 100M+ Weekly Downloads
Axios npm package (100M+ weekly downloads) was compromised on March 30, 2026 when attackers hijacked the lead maintainer's npm account and published malicious versions 1.14.1 and 0.30.4 containing a phantom dependency (plain-crypto-js@4.2.1) that deployed a cross-platform RAT with postinstall hooks. The malware executed platform-specific payloads (AppleScript on macOS, VBScript+PowerShell on Windows, Python on Linux), established C&C callbacks to sfrclak[.]com, and performed anti-forensics by self-destructing and replacing evidence with clean decoys. The attack bypassed GitHub Actions OIDC Trusted Publisher safeguards by using a stolen npm token for manual publication, and npm removed the packages within ~3.5 hours of detection.
CVE-2026-5154 — Tenda Ch22_firmware: The manipulation of the argument funcname leads to stack-based buffer overflow.
A vulnerability has been found in Tenda CH22 1.0.0.1/1.If. The impacted element is the function fromSetCfm of the file /goform/setcfm of the component Parameter Handler. The manipulation of the argument funcname leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. CVSSv3.1 8.8 (HIGH) · EPSS 15th percentile
CVE-2026-5130 — Debugger: The Debugger & Troubleshooter plugin for WordPress was vulnerable to Unauthenticated Privilege Escalation in
The Debugger & Troubleshooter plugin for WordPress was vulnerable to Unauthenticated Privilege Escalation in versions up to and including 1.3.2. This was due to the plugin accepting the wp_debug_troubleshoot_simulate_user cookie value directly as a user ID without any cryptographic validation or authorization checks. The cookie value was used to override the determine_current_user filter, which allowed unauthenticated attackers to impersonate any user by simply setting the co CVSSv3.1 8.8 (HIGH) · EPSS 6th percentile
CVE-2026-4257 — Contact: The Contact Form by Supsystic plugin for WordPress is vulnerable to Server-Side Template Injection
The Contact Form by Supsystic plugin for WordPress is vulnerable to Server-Side Template Injection (SSTI) leading to Remote Code Execution (RCE) in all versions up to, and including, 1.7.36. This is due to the plugin using the Twig `Twig_Loader_String` template engine without sandboxing, combined with the `cfsPreFill` prefill functionality that allows unauthenticated users to inject arbitrary Twig expressions into form field values via GET parameters. This makes it possible f CVSSv3.1 9.8 (CRITICAL) · EPSS 96th percentile
QBDI vs TritonDSE against a VM: who will be the fastest?
Quarkslab researchers demonstrate using QBDI and TritonDSE symbolic execution engines to reverse-engineer and solve a custom VM challenge from the Jeanne d'Hack CTF 2026. The writeup covers dynamic binary instrumentation via coredump loading, symbolic execution to track flag validation logic, and practical workarounds for unsupported CPU instructions during emulation.
CVE-2026-34558 — Ci4-cms-erp Ci4ms: These stored values are later rendered directly into administrative interfaces and global navigation components
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input within the Methods Management functionality when creating or managing application methods/pages. Multiple input fields accept attacker-controlled JavaScript payloads that are stored server-side without sanitization or output encoding. These store CVSSv3.1 9.1 (CRITICAL)
CVE-2026-34557 — Ci4-cms-erp Ci4ms: These stored payloads are later rendered unsafely within privileged administrative views without proper output
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input within group and role management functionality. Multiple input fields (three distinct group-related fields) can be injected with malicious JavaScript payloads, which are then stored server-side. These stored payloads are later rendered unsafely w CVSSv3.1 9.1 (CRITICAL)
CVE-2026-32877 — Botan_project Botan: From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked
Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value (C3) failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read of up to 31 bytes, resulting in a crash or potentially other undefined behavior. This issue has been patched in version 3.11.0. CVSSv3.1 8.2 (HIGH)
CVE-2026-30313 — Cline Cline: DSAI-Cline's command auto-approval module contains a critical OS command injection vulnerability that renders its
DSAI-Cline's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechanism completely ineffective. The system relies on string-based parsing to validate commands; while it intercepts dangerous operators such as ;, &&, ||, |, and command substitution patterns, it fails to account for raw newline characters embedded within the input. An attacker can construct a payload by embedding a literal newline between a w CVSSv3.1 9.8 (CRITICAL)
CVE-2026-30308 — Presidio Hai_build: However, this design is highly susceptible to prompt injection attacks.
In its design for automatic terminal command execution, HAI Build Code Generator offers two options: Execute safe commands and Execute all commands. The description for the former states that commands determined by the model to be safe will be automatically executed, whereas if the model judges a command to be potentially destructive, it still requires user approval. However, this design is highly susceptible to prompt injection attacks. An attacker can employ a generic templ CVSSv3.1 9.8 (CRITICAL)
CVE-2026-30306 — Rahmanazhar Sakadev: However, this design is highly susceptible to prompt injection attacks.
In its design for automatic terminal command execution, SakaDev offers two options: Execute safe commands and execute all commands. The description for the former states that commands determined by the model to be safe will be automatically executed, whereas if the model judges a command to be potentially destructive, it still requires user approval. However, this design is highly susceptible to prompt injection attacks. An attacker can employ a generic template to wrap any m CVSSv3.1 9.8 (CRITICAL)
CVE-2026-30307 — Roocode Roo_code: Roo Code's command auto-approval module contains a critical OS command injection vulnerability that renders
Roo Code's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechanism completely ineffective. The system relies on fragile regular expressions to parse command structures; while it attempts to intercept dangerous operations, it fails to account for standard Shell command substitution Roo Code (specifically$(...)and backticks ...). An attacker can construct a command such as git log --grep="$(malicious_comm CVSSv3.1 9.8 (CRITICAL)
CVE-2026-30305 — Orangecat Syntx: Syntx's command auto-approval module contains a critical OS command injection vulnerability that renders its
Syntx's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechanism completely ineffective. The system relies on fragile regular expressions to parse command structures; while it attempts to intercept dangerous operations, it fails to account for standard Shell command substitution syntax (specifically $(...)and backticks ...). An attacker can construct a command such as git log --grep="$(malicious_command) CVSSv3.1 9.8 (CRITICAL)
CVE-2026-34714 — Vim Vim: before 9.2.0272 allows code execution that happens immediately upon opening a crafted file
Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default configuration, because %{expr} injection occurs with tabpanel lacking P_MLE. CVSSv3.1 9.2 (CRITICAL) · EPSS 41th percentile
CVE-2026-29872 — Theunwindai Awesome_llm_apps: A cross-session information disclosure vulnerability exists in the awesome-llm-apps project in commit e46690f99c3f08be80a9877fab52acacf7ab8251 (2026-01-1
A cross-session information disclosure vulnerability exists in the awesome-llm-apps project in commit e46690f99c3f08be80a9877fab52acacf7ab8251 (2026-01-19). The affected Streamlit-based GitHub MCP Agent stores user-supplied API tokens in process-wide environment variables using os.environ without proper session isolation. Because Streamlit serves multiple concurrent users from a single Python process, credentials provided by one user remain accessible to subsequent unauthenti CVSSv3.1 8.2 (HIGH)
CVE-2026-2287 — Crewai Crewai: does not properly check that Docker is still running during runtime, and will
CrewAI does not properly check that Docker is still running during runtime, and will fall back to a sandbox setting that allows for RCE exploitation. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-2286 — Crewai Crewai: contains a server-side request forgery vulnerability that enables content acquisition from internal and
CrewAI contains a server-side request forgery vulnerability that enables content acquisition from internal and cloud services, facilitated by the RAG search tools not properly validating URLs provided at runtime. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-33373 — Synacor Zimbra_collaboration_suite: A Cross-Site Request Forgery (CSRF) vulnerability exists in Zimbra Web Client due to the
An issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. A Cross-Site Request Forgery (CSRF) vulnerability exists in Zimbra Web Client due to the issuance of authentication tokens without CSRF protection during certain account state transitions. Specifically, tokens generated after operations such as enabling two-factor authentication or changing a password may lack CSRF enforcement. While such a token is active, authenticated SOAP requests that trigger token gene CVSSv3.1 8.8 (HIGH)
CVE-2026-4415 — Gigabyte Control_center: Control Center developed by GIGABYTE has an Arbitrary File Write vulnerability.
Gigabyte Control Center developed by GIGABYTE has an Arbitrary File Write vulnerability. When the pairing feature is enabled, unauthenticated remote attackers can write arbitrary files to any location on the underlying operating system, leading to arbitrary code execution or privilege escalation. CVSSv3.1 8.1 (HIGH)
CVE-2025-15379 — Lfprojects Mlflow: A command injection vulnerability exists in MLflow's model serving container initialization code, specifically in
A command injection vulnerability exists in MLflow's model serving container initialization code, specifically in the `_install_model_dependencies_to_env()` function. When deploying a model with `env_manager=LOCAL`, MLflow reads dependency specifications from the model artifact's `python_env.yaml` file and directly interpolates them into a shell command without sanitization. This allows an attacker to supply a malicious model artifact and achieve arbitrary command execution o CVSSv3.1 9.8 (CRITICAL) · EPSS 47th percentile
New widespread EvilTokens kit: device code phishing as-a-service – Part 1
Sekoia's TDR team discovered EvilTokens, a new Phishing-as-a-Service (PhaaS) kit leveraging Microsoft device code authentication flows to harvest access and refresh tokens at scale since mid-February 2026. The kit provides turnkey phishing pages impersonating trusted services (Adobe, DocuSign, SharePoint), automated token weaponization including Primary Refresh Token (PRT) conversion, and reconnaissance capabilities, with widespread adoption across finance, HR, and logistics sectors globally. EvilTokens enables attackers to bypass MFA and establish persistent access to Microsoft 365 accounts without triggering interactive authentication challenges.
CVE-2025-15036 — Lfprojects Mlflow: A path traversal vulnerability exists in the `extract_archive_to_dir` function within the `mlflow/pyfunc/dbconnect_artifact_cache.py` file of
A path traversal vulnerability exists in the `extract_archive_to_dir` function within the `mlflow/pyfunc/dbconnect_artifact_cache.py` file of the mlflow/mlflow repository. This vulnerability, present in versions before v3.7.0, arises due to the lack of validation of tar member paths during extraction. An attacker with control over the tar.gz file can exploit this issue to overwrite arbitrary files or gain elevated privileges, potentially escaping the sandbox directory in mult CVSSv3.1 10.0 (CRITICAL) · EPSS 4th percentile