
Sam Stepanyan

@securestep9

OWASP London Chapter Leader. #OWASP Global Board Member. OWASP #Nettacker Project Leader. #AppSec Consultant, #CISSP. Follow me on Twitter/X and Mastodon https://twitter.com/securestep9 https://infosec.exchange/@securestep9

1,006
Followers
121
Following
218
Posts
11.01.2024
Joined

Latest posts by Sam Stepanyan @securestep9

Ubuntu, Fedora, Linux Mint Eye Age Verification Amid California Law Backlash - 9to5Linux The upcoming California Digital Age Assurance Act law requires OSes to ask users to input their birth date during setup to protect minors.

#linux: Ubuntu, Fedora, Mint Linux are considering adding age verification to Linux due to the upcoming law mandating that OS providers and application developers implement age verification measures to protect minors online. This will have a huge impact:

06.03.2026 09:17 👍 0 🔁 0 💬 0 📌 0
Trivy security incident 2026-03-01 · aquasecurity/trivy · Discussion #10265 Trivy has been attacked today via GitHub Actions, along with other popular projects: https://www.stepsecurity.io/blog/hackerbot-claw-github-actions-exploitation. We believe the vulnerability came f...

#trivy: The GitHub repo of 'trivy', the popular vulnerability scanner tool from Cloud Security and Supply Chain Security vendor Aqua Security, was compromised yesterday via GitHub Actions:
#SoftwareSupplyChainSecurity
👇

02.03.2026 15:53 👍 0 🔁 0 💬 0 📌 0
Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems Cline CLI 2.3.0 was published with a stolen npm token, installing OpenClaw in an 8-hour attack affecting ~4,000 downloads.

#NPM: Where previously attackers hijacked NPM packages to install credential-stealing and data-stealing malware, in this latest hijack of Cline CLI the attackers installed #OpenClaw:
#SoftwareSupplyChainSecurity
👇

23.02.2026 10:07 👍 1 🔁 0 💬 0 📌 0
SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflow... An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.

#NPM: New Shai-Hulud-like supply chain worm is actively targeting the npm ecosystem with at least 19 malicious npm packages designed to steal developer & CI/CD secrets & automatically spread across repositories & workflows:
#SoftwareSupplyChainSecurity
👇

socket.dev/blog/sandwor...

21.02.2026 23:18 👍 0 🔁 0 💬 0 📌 0

"A swarm of agents! Everywhere!" I was watching a 1983 British spy thriller starring Michael Caine and Laurence Olivier and then I hear this 25 minutes in 😮: 🔊

21.02.2026 13:27 👍 0 🔁 0 💬 0 📌 0

Just re-watched Spider-Man 2 on Netflix (shot in 2004) where Dr Octopus has AI-controlled Claws attached to his body using tentacles, neuro-linked to his brain with a "guardrail" microchip making sure the AI in the claws does not go rogue, and it does... Eerie watching this in 2026: 🦞

21.02.2026 11:34 👍 16 🔁 1 💬 0 📌 1

Join us in Oslo for the OWASP Contributor Workshop. Get hands-on with the projects powering open-source security worldwide. Learn, connect, and start contributing on the spot.

📆 March 6
🎟️ Free signup: luma.com/4hp7c8bm

#owasp #NDC #workshop #opensource #appsec #infosec #community

19.02.2026 10:48 👍 2 🔁 1 💬 0 📌 0
Major 'vibe-coding' platform Orchids is easily hacked, researcher finds Vibe-coding tools - which let people without coding skills create apps using AI - are exploding in popularity.

#AI: Major AI #vibecoding platform's flaws allow BBC reporter to be hacked:
#Orchids platform claims to have a million users, and says it is used by top companies including Google, Uber, and Amazon:
#AISecurity
👇
www.bbc.co.uk/news/article...

15.02.2026 10:59 👍 3 🔁 0 💬 0 📌 0
RCE in Google's AI code editor Antigravity - $10000 Bounty Hacktron AI Research Team discovered a critical RCE in Google’s Antigravity IDE that lets attackers take over your system just by opening a malicious website.

#Antigravity - an AI code editor from Google that has access to your entire codebase and terminal - had a Remote Code Execution (#RCE) vulnerability. A great find and write-up by @HacktronAI, earning them a $10k #BugBounty!
#BugBountyTips
👇

www.hacktron.ai/blog/hacking...

09.02.2026 21:51 👍 0 🔁 0 💬 0 📌 0
Hackers exploit critical React Native Metro bug to breach dev systems Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native to deliver malicious payloads for Windows and Linux.

#ReactNative: Critical vulnerability CVE-2025-11953 in the Metro server for #React Native allows unauthenticated attackers to execute arbitrary OS commands via a POST request and is actively exploited - patch now!
#Metro4Shell
#SoftwareSupplyChainSecurity
👇
www.bleepingcomputer.com/news/securit...

04.02.2026 10:12 👍 0 🔁 0 💬 0 📌 0

The number of startups, products and workflows built on #chatGPT-4.x models is huge!

This is your reminder that #OpenAI will be *retiring all* gpt-4.x, o4-mini and some gpt-5 models next week on February 13th, 2026 🍿:
#AIBOM
👇
help.openai.com/en/a...

03.02.2026 23:22 👍 0 🔁 0 💬 0 📌 0
Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users State-backed attackers hijacked Notepad++ update traffic via a hosting provider breach, redirecting users to malicious downloads since June 2025.

#Notepad++ Official Update Mechanism Was Hijacked to Deliver Malware.

Notepad++ downloads between September 2 - December 2, 2025 were diverted to malicious servers.
#SoftwareSupplyChainSecurity
👇

02.02.2026 11:20 👍 0 🔁 0 💬 0 📌 0
AI on Australian travel company website sends tourists to nonexistent hot springs | CNN An AI-generated blog on a tour company’s website has landed tourists in hot water - and not the kind they were looking for - after it emerged the “tranquil” northern Tasmania hot springs it recommended don’t actually exist.

#AI on Australian travel company website sends tourists to nonexistent hot springs, describing a non-existent site as a “tranquil haven” rated “favourite among hikers”, causing “droves of tourists” to turn up in places with no services/cell coverage:

30.01.2026 23:44 👍 2 🔁 0 💬 0 📌 0
Two Ivanti EPMM Zero-Day RCE Flaws Actively Exploited, Security Updates Released Ivanti released fixes for two actively exploited EPMM zero-day RCE flaws, including CVE-2026-1281 added to CISA’s KEV, affecting versions before 12.8.

#Ivanti: Two Ivanti EPMM #ZeroDay Unauthenticated #RCE Vulnerabilities CVE-2026-1281 & CVE-2026-1340 Actively Exploited, Patch Now!
👇
thehackernews.com/2026/01/two-...

30.01.2026 09:41 👍 0 🔁 0 💬 0 📌 0
Critical OpenSSL Vulnerabilities Allow Remote Attackers to Execute Malicious Code OpenSSL patched 12 vulnerabilities on January 27, 2026, including one high-severity flaw that could lead to remote code execution. Most issues cause denial-of-service attacks but highlight risks in pa...

#OpenSSL Critical Vulnerabilities Allow Remote Attackers to Execute Malicious Code (CVE-2025-15467). Patches released:
👇
cybersecuritynews.com/openssl-vuln...

29.01.2026 16:28 👍 0 🔁 0 💬 0 📌 0
DNS Based OSINT Techniques for Product and Service Discovery - Rishi C (YouTube video by OWASP London)

Many thanks to Rishi C (@rxerium.com) for presenting his talk: "DNS Based #OSINT Techniques for Product and Service Discovery" at our meetup last week.

The video recording of the talk is available to watch 📺 on the #OWASPLondon YouTube Channel [PLEASE SUBSCRIBE!]:
👇
www.youtube.com/watch?v=lGO3...

25.01.2026 11:25 👍 2 🔁 3 💬 0 📌 0
European Space Agency's cybersecurity in freefall as yet another breach exposes spacecraft and mission data It has just been a few weeks since we reported on the Christmas cyber attack suffered by the European Space Agency (ESA), and the situation has already become worse.

#ESA: European Space Agency's cybersecurity in freefall as yet another breach exposes spacecraft and mission data:

#databreach

👇

23.01.2026 18:15 👍 0 🔁 0 💬 0 📌 0
Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts A fake sympy-dev package on PyPI impersonates the SymPy library to download and run XMRig cryptominers on Linux using in-memory execution.

#Python : Malicious #PyPI Package called 'sympy-dev' Impersonates #SymPy, Deploys XMRig Miner on Linux Hosts:

#SoftwareSupplyChainSecurity
👇

23.01.2026 10:43 👍 1 🔁 0 💬 0 📌 0

Time for @owasplondon.bsky.social!!

#OWASPLondon @owasp.org @securestep9.bsky.social

21.01.2026 18:58 👍 4 🔁 2 💬 0 📌 0
Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access A 9.8-severity flaw (CVE-2026-24061) in GNU InetUtils telnetd allows remote authentication bypass and root access in versions 1.9.3 to 2.7.

#telnet: Critical telnetd #Vulnerability CVE-2026-24061 Lets Attackers Bypass Login and Gain Root Access on systems running GNU InetUtils since version 1.9.3 up to and including version 2.7.

The vulnerability went unnoticed for nearly 11 years.

👇

22.01.2026 21:50 👍 5 🔁 3 💬 2 📌 0
CVE-2025-68428: Critical Path Traversal in jsPDF | Blog | Endor Labs Critical path traversal in jsPDF (<= 3.0.4) allows arbitrary file read via Node.js builds. Upgrade to 4.0.0 to remediate CVE-2025-68428.

#jsPDF: Critical Path Traversal Vulnerability (CVE-2025-68428) in jsPDF - a widely-adopted #npm package for generating PDF documents in JavaScript applications allows attackers to read & exfiltrate arbitrary files from the local filesystem:
👇

07.01.2026 17:43 👍 2 🔁 1 💬 0 📌 0
OWASP London Chapter Meetup [IN-PERSON], Wed, Jan 21, 2026, 6:00 PM | Meetup **This event is kindly sponsored by Nuaware.** **Raffle prizes are kindly sponsored by GitGuardian and Docker.** **There is limited seating available for in-person attende

The next OWASP London Chapter in-person Meetup will take place on January 21st, 2026, kindly sponsored by @nuaware_tech with raffle prizes kindly sponsored by @GitGuardian and @Docker

Register to attend this event here:
👇

07.01.2026 12:37 👍 1 🔁 2 💬 0 📌 0
How Trust Wallet Crypto Users Lost $6M+ in a Browser Extension Incident $6M+ in BTC, ETH, and SOL was lost via a Trust Wallet browser extension incident, prompting an urgent user warning.

#TrustWallet: in a potential supply chain attack the TrustWallet browser extension was compromised in its latest update with injected malicious code quietly sending the wallet's seed phrase to a malicious domain named "metrics-trustwallet(.)com" - registered only a few days ago
👇
www.ccn.com/education/cr...

26.12.2025 07:52 👍 1 🔁 0 💬 0 📌 0
MongoDB warns admins to patch severe RCE flaw immediately MongoDB has warned IT admins to immediately patch a high-severity vulnerability that may be exploited in remote code execution (RCE) attacks targeting vulnerable servers.

#MongoDB: Multiple versions of MongoDB and MongoDB Server are vulnerable to Remote Code Execution (#RCE) #vulnerability CVE-2025-14847 and may be abused by unauthenticated threat actors in low-complexity attacks that don't require user interaction. Patch now!
👇
www.bleepingcomputer.com/news/securit...

26.12.2025 06:47 👍 5 🔁 2 💬 0 📌 1

🎉 Big news! Early Bird tickets for OWASP Global AppSec Vienna 2026 are here!
25 years of OWASP ✨ Stunning Vienna 🇦🇹 World-class training 🧠 & a conference like no other 🔥
Why wait? Register now for early bird pricing: owasp.glueup.com/eve...
#appsec #owasp #cybersecurity #securebydesign

19.12.2025 14:48 👍 2 🔁 1 💬 0 📌 0
Remote Code Execution via Expression Injection ### Impact n8n contains a critical Remote Code Execution (RCE) vulnerability in its workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated users dur...

#n8n: Critical CVSS 10.0 Remote Code Execution (#RCE) #Vulnerability in n8n via expression injection. Users advised to upgrade to version 1.122.0 or later immediately:

github.com/n8n-io/n8n/s...

21.12.2025 09:51 👍 1 🔁 1 💬 0 📌 0
Gemini Zero-Click Vulnerability Let Attackers Access Gmail, Calendar, and Docs A critical zero-click vulnerability dubbed "GeminiJack" in Google Gemini Enterprise and previously Vertex AI Search that let attackers siphon sensitive corporate data from Gmail, Calendar, and Docs wi...

#Gemini Zero-Click #Vulnerability Let Attackers Access Gmail, Calendar, and Docs. No clicks or warnings were needed. An attacker simply shared a poisoned Google Doc, Calendar invite, or email embedding hidden prompt injections.
#AISecurity
👇 cybersecuritynews.com?p=135749

12.12.2025 08:20 👍 3 🔁 1 💬 0 📌 0

If you missed @shehackspurple.bsky.social 's talk "30 Tips for Secure #JavaScript" at the @owasplondon.bsky.social meetup last week - you can watch the recording on the #OWASPLondon YouTube channel [please subscribe!]:

08.12.2025 00:24 👍 3 🔁 2 💬 0 📌 0
Swiss government urges people to ditch Microsoft 365 and others due to lack of proper encryption Switzerland is worried about data privacy

#Swiss government urges citizens to ditch #Microsoft365 and other #Cloud providers due to lack of proper E2E encryption citing US Cloud Act requirement to hand over data to US authorities, even if it’s stored in Switzerland:
#DataSecurity
👇
www.techradar.com/pro/security...

03.12.2025 08:36 👍 3 🔁 2 💬 0 📌 0