Front Page

Supply Chain Attack

GitHub Breached Through Its Own Backyard: Malicious "Nx Console" VS Code Extension Lets TeamPCP Clone 3,800 Internal Repos

GitHub confirmed on May 20 that a threat actor self-identifying as TeamPCP — tracked as UNC6780 — cloned roughly 3,800 internal private repositories after an employee installed a trojanized build of the Nx Console VS Code extension (nrwl.angular-console v18.95.0). The poisoned version was live on the Visual Studio Marketplace for just 18 minutes on May 18.

The extension harvested developer secrets and access tokens from the local IDE environment, which the attacker replayed to pull source code, deployment scripts, and config material now listed on a criminal forum for $50,000+. GitHub says customer repos and enterprise accounts are unaffected. Forensic priority: reconstruct extension install/update telemetry, IDE token-store access, and clone events in audit logs across every repo the harvested tokens could reach.

Threat Disruption — Code-Signing

Microsoft Dismantles "Fox Tempest": Malware-Signing Service That Minted 1,000+ Fraudulent Code-Signing Certificates

Microsoft's Digital Crimes Unit disrupted Fox Tempest on May 19, revoking more than 1,000 fraudulent code-signing certificates and seizing the domain signspace.cloud through a sealed lawsuit in the Southern District of New York. Paying customers uploaded malware for signing; the certificates — valid for only 72 hours — let payloads masquerade as AnyDesk, Microsoft Teams, PuTTY, and Cisco Webex.

The $5,000–$9,000 service fed ransomware crews including Vanilla Tempest, Storm-0501, Storm-2561, and Storm-0249, whose signed loaders and stealers initially slipped past Windows trust checks. Forensic priority: inventory binaries signed by recently revoked certificates, correlate Authenticode timestamps against the 72-hour validity windows, and treat any signspace.cloud-linked signature as an indicator of compromise.

Threat Bulletin

CRITICAL
CVE-2025-34291

Langflow — origin-validation error; an overly permissive CORS config plus a refresh-token cookie set SameSite=None lets a malicious web page make credentialed cross-origin calls to the refresh endpoint, yielding tokens for authenticated RCE and full compromise; CVSS 9.4. Added to CISA KEV May 21; Iran's MuddyWater is using it for initial access. Forensic Note: Review Langflow access logs for cross-origin refresh-endpoint calls and anomalous token issuance, then hunt post-exploitation execution under the app service account.

ACTIVE EXPLOIT
CVE-2026-34926

Trend Micro Apex One (on-premise) — directory-traversal flaw lets a pre-authenticated local attacker modify a server key table to inject malicious code that is then deployed to managed agents; CVSS 6.7. Added to CISA KEV May 21 with a June 4 federal deadline. Forensic Note: Verify integrity of the Apex One key table and agent-deployment packages, and audit management-console logs for unauthorized table writes preceding mass agent updates.

Malware Spotlight

Mini Shai-Hulud — Self-Propagating Package Worm

Microsoft flagged a major resurgence of TeamPCP's Shai-Hulud campaign on May 11, with "Mini Shai-Hulud" compromising 170+ npm packages and 2 PyPI packages across 404 malicious versions touching 518M monthly downloads. The worm uses preinstall/import hooks to fetch the Bun runtime, decrypt hidden payloads, and harvest GitHub Actions, npm, AWS, Kubernetes, and Vault credentials — even defeating SLSA Build Level 3 provenance. Forensic Note: Hunt rogue preinstall scripts, unexpected Bun downloads, and the gh-token-monitor persistence daemon; treat any CI/CD secret reachable from an affected build as compromised.