Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Snyk

The AntV Supply Chain Campaign Expands: Microsoft's `durabletask` PyPI Package Compromised

May 19, 2026 By Liran Tal In Snyk
The ink was barely dry on our coverage of the AntV Shai Hulud supply chain attack when a new compromise surfaced in the Python ecosystem. The target this time is durabletask, an open source Python package associated with Microsoft, used for building durable, fault-tolerant workflow orchestration on top of the Durable Task Framework. The latest safe version of durabletask is 1.4.0, and three known versions have been yanked from the PyPI registry.
Read Post
detectify

Understanding the OWASP Top 10 2025 for Modern Application Security

May 19, 2026 By Detectify In Detectify
In the world of application security, vulnerabilities are always a moving target. As modern applications keep becoming increasingly API-driven, cloud-native, and dependent on third-party services, the attack surface has expanded dramatically. For years, the OWASP Top 10 has served as the North Star for security professionals, providing a consensus-based ranking of the most critical web application security risks.
Read Post

Mini Shai-Hulud: The Most Sophisticated NPM Supply Chain Attack of 2026

May 18, 2026 By Snyk In Snyk
On May 11, 2026, the TanStack namespace was hit by a "Mini Shai-Hulud" supply chain attack. Unlike typical attacks, this did not involve stolen credentials; instead, the threat group TeamPCP hijacked the legitimate GitHub Actions release pipeline. This video covers the technical details of the OIDC token extraction, the "Dead Man's Switch" that triggers a rm -rf / upon credential revocation, and the mandatory remediation order you must follow to save your data. We also discuss how to harden your workflow using release-age cooldowns and OIDC pinning.
View Video

Attackers Don't Care About Your CVSS Score

May 18, 2026 By CrowdStrike In CrowdStrike
No blind spots. No waiting. Just visibility that works. Customers using Falcon Exposure Management say it has changed how they view and prioritize risk. They’re getting instant clarity across cloud, endpoint, and identity — knowing exactly which exposures to address first. They’re cutting through noise, saving time, and acting faster with AI-powered context from ExPRT.AI. In this video, they share how Falcon Exposure Management delivers the full picture — and why they’ll never go back to legacy VM tools.
View Video

"Dirty Frag", Canvas ransomware, "Mini Shai-Hulud" malware & AI-developed zero-day exploit [324]

May 18, 2026 By LimaCharlie In LimaCharlie
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows.
View Video
upguard

What is CVSS? A Complete Guide to Vulnerability Scoring

May 18, 2026 By Shane Moosa In UpGuard
The Common Vulnerability Scoring System (CVSS) remains the bedrock of risk communication for many mid-market organizations. Assigning numerical values to vulnerabilities enables a unified dialogue among security researchers, vendors, and IT teams, ensuring everyone speaks the same language when a new threat emerges. However, relying on a static score is no longer enough to defend a modern enterprise.
Read Post
komodo consulting

We Pentested a Complex API Application with AigentX AI Agent - Then Verified the Results with Source Code Review

May 18, 2026 By Komodo Research In Komodo Consulting
How AigentX found 24 real vulnerabilities, confirmed what wasn't exploitable, and discovered risks that code review alone could never catch.
Read Post

How to Integrate ITSM in Aurora Vulnerability Management for Better Visibility & Faster Remediation

May 18, 2026 By Arctic Wolf Networks In Arctic Wolf
See how Arctic Wolf Aurora Vulnerability Management turns risk visibility into remediation through seamless integrations with partners like ServiceNow and ConnectWise. This demo shows how automated ticketing, unified workflows, and prioritized findings help security and IT teams accelerate remediation without added workload.
View Video
Snyk

Mini Shai-Hulud Hits AntV: 300+ Malicious npm Packages Published via Compromised Maintainer Account

May 18, 2026 By Liran Tal In Snyk
A supply chain attack affecting the @antv data visualization ecosystem and related npm packages is actively spreading through the npm registry. The attack, attributed to a threat group called TeamPCP and branded as another wave of the Mini Shai-Hulud campaign, published more than 300 malicious package versions across 323 packages in a 22-minute automated burst on May 19, 2026. The packages collectively represent approximately 16 million weekly downloads.
Read Post
Snyk

Malicious node-ipc versions published to npm in suspected maintainer account compromise

May 15, 2026 By Brian Vermeer In Snyk
On May 14, 2026, multiple malicious versions of the popular npm package node-ipc were published to the npm registry. Current public reporting identifies node-ipc@9.1.6, node-ipc@9.2.3, and node-ipc@12.0.1 as compromised versions containing an obfuscated credential-stealing payload. The malicious code was added to the CommonJS bundle, node-ipc.cjs, and is triggered when the package is loaded through require("node-ipc").
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.