LIVE FEED
FIRST LOOK Yellow Teams Bring AI Offense and Defense Into One Security Function // FIRST LOOK Tracebit Ships AWS Context Bombing Defence Against AI Hacking Agents // FIRST LOOK FriendMachine Launches Jacquard Lang for AI-Written Code Review // CRITICAL Check Point 2026 AI Security Report: LLMs Now Run Live Attacks // FIRST LOOK OpenAI GPT-5.6 Sol Ships Faster Parallel Tool-Use for Agents // FIRST LOOK Meta Launches Muse Image with Public Instagram Photo Reuse // FIRST LOOK Estonia Launches State-Issued Digital IDs for AI Agents // HIGH AI Widens Skill-Ability Gap, Enabling Autonomous Cyberattacks // FIRST LOOK OpenAI Expands ChatGPT Into Family and Caregiver Households // FIRST LOOK Iroh Launches Mesh LLM for Distributed AI Across Peer Nodes //
node-ipc Supply Chain Backdoor Steals Cloud and AI Credentials

node-ipc Supply Chain Backdoor Steals Cloud and AI Credentials

ATLAS OWASP CRITICAL Active exploitation · Immediate action required ▲ 7.2 The Hacker News

Three versions of the widely-used node-ipc npm package were found to contain obfuscated stealer/backdoor payloads published by an unauthorised maintainer account. The malware harvests 90 categories of developer secrets — including Claude AI and Kiro IDE configurations, AWS, Azure, and GCP credentials — and exfiltrates them via HTTPS and DNS tunnelling to an attacker-controlled domain. The compromise is notable for bypassing npm lifecycle hooks entirely and, in one version, targeting a specific developer via pre-computed SHA-256 fingerprinting.

Axios npm Library Compromised in Supply Chain Attack

Axios npm Library Compromised in Supply Chain Attack

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 7.2 The Hacker News

A North Korean threat group (UNC1069) compromised the popular npm Axios library via a supply chain attack, injecting a backdoor (WAVESHAPER.V2) into two poisoned versions that were inadvertently downloaded by OpenAI's macOS app-signing GitHub Actions workflow. Although OpenAI found no evidence of certificate exfiltration or user data compromise, the incident exposed the signing credentials for ChatGPT Desktop, Codex, Codex CLI, and Atlas, prompting certificate revocation and mandatory app updates by May 8, 2026. The attack highlights the acute risk of software supply chain compromises against AI product delivery pipelines.

◉ AI THREAT BRIEFING

Stay ahead of the threat.

Twice-weekly digest of critical AI security developments — every story mapped to MITRE ATLAS and OWASP LLM Top 10. Free.

No spam. Unsubscribe anytime.