Axios npm Supply Chain Compromise and Fortinet Client EMS Exploits Exposed

Axios npm Supply Chain Compromise Exposes Users to Remote Access Trojans

A security researcher has discovered that the npm package repository has been compromised, allowing an unknown attacker to publish malicious packages that install remote access trojans.

According to Google researchers, the attack is linked to North Korean hackers, citing similarities with previous campaigns.

The compromised package, axios@0.24.0, contains a malicious dependency that installs a remote access trojan when the package is installed. The trojan establishes a reverse tunnel to a server controlled by the attacker, giving them persistent access to the compromised system.

  • To mitigate this risk, users should update their dependencies to the latest version of Axios and remove any existing instances of the compromised package.
  • Developers should also ensure that they are using trusted package managers and monitoring their dependencies regularly for signs of tampering.
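
One way to check whether a project still pins the version named above, directly or through a transitive dependency. This is an added example, not code from the article or the Axios project. The function name `findFlagged` and both sample lockfiles are constructed for illustration.

```javascript
// Added example: find a flagged package version in a parsed package-lock.json.
// axios 0.24.0 is the version named in the article; everything else is constructed.
const FLAGGED = { name: "axios", version: "0.24.0" };

function findFlagged(lock, flagged = FLAGGED) {
  const hits = [];
  const marker = "node_modules/";
  // lockfileVersion 2/3: flat "packages" map keyed by install path.
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (path === "") continue; // the root project itself
    const idx = path.lastIndexOf(marker);
    // "name" is only recorded when it differs from the path (e.g. npm aliases).
    const name = meta.name || (idx >= 0 ? path.slice(idx + marker.length) : path);
    if (name === flagged.name && meta.version === flagged.version) hits.push(path);
  }
  // lockfileVersion 1: nested "dependencies" tree. Skipped when "packages"
  // exists, because v2 lockfiles carry both and would report each hit twice.
  const walk = (deps, trail) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const here = trail.concat(name);
      if (name === flagged.name && meta.version === flagged.version) hits.push(here.join(" > "));
      walk(meta.dependencies, here);
    }
  };
  if (!lock.packages) walk(lock.dependencies, []);
  return hits;
}

// Constructed sample lockfiles (not from any real project).
const SAMPLE_V3 = {
  lockfileVersion: 3,
  packages: {
    "": { name: "app", version: "1.0.0" },
    "node_modules/axios": { version: "1.6.8" },
    "node_modules/legacy-client": { version: "2.0.0" },
    "node_modules/legacy-client/node_modules/axios": { version: "0.24.0" },
  },
};
const SAMPLE_V1 = {
  lockfileVersion: 1,
  dependencies: {
    axios: { version: "0.24.0" },
    "legacy-client": { version: "2.0.0", dependencies: { axios: { version: "0.24.0" } } },
  },
};

console.log(findFlagged(SAMPLE_V3));
console.log(findFlagged(SAMPLE_V1));
```

To check a real project, pass the parsed contents of its package-lock.json to `findFlagged`. A hit nested under another package means that parent has to be updated or overridden as well.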

FortiClient EMS Zero-Day Exploited, Emergency Hotfixes Available

Attackers have been observed exploiting a zero-day vulnerability in the FortiClient Endpoint Management Server (EMS).

The vulnerability, identified as CVE-2026-35616, is a previously unknown issue that allows attackers to execute arbitrary code on the EMS server.

Emergency hotfixes are available for FortiOS 6.4.x and 6.6.x versions, and users are advised to apply these patches immediately to prevent further exploitation.

Cisco IMC Auth Bypass Vulnerability Allows Attackers to Alter User Passwords

A vulnerability in the Cisco Integrated Management Controller (IMC) allows attackers to bypass authentication and gain access to the system as Admin.

The vulnerability, identified as CVE-2026-20093, is a critical issue that could have severe consequences if exploited.

Users are advised to patch their systems as soon as possible to prevent exploitation of this vulnerability.

Claude Code Source Leak Exploited to Spread Malware

A source code leak involving Anthropic’s Claude Code tool has been exploited by attackers to lure developers into spreading malware.

The exposed files contained sensitive information that allowed attackers to create malicious payloads and distribute them to unsuspecting victims.

Trivy Supply Chain Attack Enables European Commission Cloud Breach

A supply chain attack on the Trivy project has allowed attackers to breach the cloud infrastructure of the European Commission.

The attackers stole and leaked approximately 340 GB of data, highlighting the risks associated with supply chain compromises.

Microsoft Releases Open-Source Toolkit to Govern Autonomous AI Agents

Microsoft has released an open-source toolkit to govern autonomous AI agents.

  • The Agent Governance Toolkit provides a framework for managing the autonomy of AI agents, ensuring that they operate within established boundaries and follow predetermined rules.

Breaking Out: Can AI Agents Escape Their Sandboxes?

Researchers have developed a benchmark called SandboxEscapeBench to evaluate the ability of AI agents to escape their containers and reach the host system.

The benchmark simulates a scenario where an agent with shell access attempts to break free from its sandbox and gain access to sensitive information.

SystemRescue 13 Updates Kernel to Linux 6.18 LTS, Adds New Recovery Tools

SystemRescue, an Arch-based live distribution, has shipped version 13.00 with a new long-term supported kernel and updated storage tools.

  • The distribution is designed for repairing unbootable systems and recovering data from damaged drives.

Android 17 Tweaks Location Privacy with One-Time Access
