klassiker
@_lupia_

imagine the rest

Joined April 2014
332 Following, 83 Followers
442 posts

klassiker@_lupia_·
@sekurlsa_pw @vxunderground Here is the video of ilspy[.]org: x.com/CyberIL/status… The ilspy[.]net is used by the UpdateService: github.com/icsharpcode/IL… Bit confusing - currently the GH-Page redirects to the non-TLS custom domain, which is seemingly served by GitHub again.
חדשות סייבר@CyberIL

It appears the ILSpy* website was somehow compromised and began redirecting users to download browser extensions and more... and what is the strange connection to Israel... I received reports from you about this several hours ago, after users browsing the site ran into a redirect to a third-party site asking them to download a browser extension. The site supposedly distributing the suspicious extensions is: https[:]//www.recipioapp[.] com/ and on its contact page you can see that the domain is togonetworksltd[.]com. A quick search suggests this is a company called Togo that is also registered in Israel at an address on Derech Begin, Tel Aviv. It appears this domain is somehow connected to another domain: mediaarenaltd[.]com, which has previously been flagged as distributing malware and is also listed on Google as a business operating from Herzliya.... For now, the extensions users were redirected to are not detected as malicious on VT, but there is no doubt something here is suspicious and it looks like a malicious campaign. The ILSpy site went offline for a while in the last few hours, but it is currently back online and this has still not been fixed. In short, a strange story. I assume things will become clearer later. Attached is a video sent to me by one of the channel's followers. *ILSpy is an open-source tool for analyzing and reverse engineering .NET files t.me/CyberSecurityI…

🕳@sekurlsa_pw·
@vxunderground What site? Ilspy[.]net doesn’t seem like a Wordpress site and isn’t affiliated with ILSpy.
klassiker@_lupia_·
@feross @a16z Could Socket prevent similar attacks by scanning packages before publication? It sounds to me like the tech is ready and NPM is either not doing it or uses Copilot: x.com/_lupia_/status…
klassiker@_lupia_

@bradleymeck 10 years ago NPM claimed they are working with security vendors to scan packages before publishing, but that scanning the entire package would be "prohibitively expensive". Are there any efforts to implement this type of scanning at the registry level? blog.npmjs.org/post/141702881…

Feross@feross·
Great piece from @a16z. A few things I’d add from the front lines of detecting the Axios attack: Socket detecting the attack 16 minutes before publication is worth dwelling on. We caught plain-crypto-js because its behavior was anomalous the moment it appeared on npm – postinstall script, network access, OS fingerprinting, binary download, self-deletion. No CVE needed. The package told us what it was by what it did. The core issue is that AI agents treat npm install as a solved problem. It isn’t. Every dependency decision is a trust decision, and right now agents are making thousands of those decisions per day with zero security context. We need to give agents the same visibility into package behavior that we’d want a human developer to have – but at machine speed.
a16z@a16z

The software supply chain has become the most critical and least-defended attack surface in modern software development. This week, someone hijacked one of the most popular packages on the internet and used it to install a backdoor on every machine that ran npm install. a16z's @MaikaThoughts, @zanelackey, and Joel de la Garza on how @SocketSecurity detected the Axios attack within 6 minutes, why AI is compressing software supply chain attack timelines, and why defenders have to move at machine speed to save the agents: a16z.news/p/et-tu-agent-…

klassiker@_lupia_·
@akses_0x00 @ZackKorman @SimoKohonen They are already reporting detections to the registry for free - the registry should start paying them imho. The video in this thread shows they've found 321k+ packages with threats, so it seems to be a very effective and cost-efficient approach: x.com/SocketSecurity…
Socket@SocketSecurity

@DanielLockyer @feross Yes, we report malicious packages to npm and all the other open source registries we support. Some of them take down packages almost instantly and others take much longer to respond (sometimes weeks).

klassiker@_lupia_·
@akses_0x00 @ZackKorman @SimoKohonen I'm only interested in detections and pre-publish scans. They are a business, so they could offer it to the registry. Avoiding privacy + supply chain risks by protecting everyone and pre-filtering for open source scanners: x.com/_lupia_/status…
klassiker@_lupia_

@bradleymeck 10 years ago NPM claimed they are working with security vendors to scan packages before publishing, but that scanning the entire package would be "prohibitively expensive". Are there any efforts to implement this type of scanning at the registry level? blog.npmjs.org/post/141702881…

Zack Korman@ZackKorman·
What the shill did I just read? If people are asking how to protect themselves, it’s not appropriate to use that as a chance to pitch your own product. Give real advice or say nothing at all.
klassiker@_lupia_·
@bradleymeck 10 years ago NPM claimed they are working with security vendors to scan packages before publishing, but that scanning the entire package would be "prohibitively expensive". Are there any efforts to implement this type of scanning at the registry level? blog.npmjs.org/post/141702881…
klassiker@_lupia_·
@ZackKorman @SimoKohonen That's too simplistic. They are doing a pretty good job over there imho and the solution to yet-another-dependency would be for the registry to add pre-publish scans and work with security vendors as they promised over 10 years ago: blog.npmjs.org/post/141702881…
Zack Korman@ZackKorman·
@SimoKohonen lol yea the solution to a supply chain attack is always more supply chain. Funny how that works
klassiker@_lupia_·
A bigger issue than collisions is branch shadowing if the resolver isn't implemented properly (like in npm) or the contents are loaded as a tarball (codeload). Copying go.sum behavior after already using it for comparison should have been the obvious choice there.
Juliano Rizzo@julianor

I get that SHA1 is baked into Git and @github mitigates known collision patterns. But for Actions locking (GH controlled feature) Why anchor trust on commit hashes and SHA-1 at all? No interoperability constraint here. github.blog/news-insights/…

klassiker@_lupia_·
@adnanthekhan @cyb3rjerry Oh, didn't read the blog properly. After seeing "go.sum" and "locks" I got excited and thought for a second they would perform actual source integrity, but it's just a different place to set the resolved-SHA.
klassiker@_lupia_·
I don't understand if or why I got targeted there, does anyone have more information on this? @ramimacisabird @feross @adnanthekhan
klassiker@_lupia_

@evilsocket @N3mes1s About 7 hours after I asked them explicitly about this I received a phishing attempt on a mail present in old commits. Maybe a coincidence, but the host later redirected to yet another rick roll and I haven't seen others report "gjthub [.] net" publicly yet.

klassiker@_lupia_·
@evilsocket @N3mes1s About 7 hours after I asked them explicitly about this I received a phishing attempt on a mail present in old commits. Maybe a coincidence, but the host later redirected to yet another rick roll and I haven't seen others report "gjthub [.] net" publicly yet.
klassiker@_lupia_·
@adnanthekhan @LiteLLM @AquaSecTeam Have you seen the GHSA for trivy-action from 18.02.? github.com/advisories/GHS… Committed as "Merge commit from fork" and didn't actually fix the issue. Am I missing something here? When they fixed it 2 days later there was no second GHSA, also didn't run zizmor for "trivy" Actions.
Adnan Khan@adnanthekhan·
The security response by @LiteLLM has really been commendable. They were blindsided by the breach but within a day they hired professionals to guide them through a process that they themselves probably weren’t mature enough for as a company. @AquaSecTeam slow rolled their response which gave threat actors days and an entire weekend before victims learned about it. They even got popped a third time during this. This delay will go down in history as an S-tier fumble. @Checkmarx - well, their two actions and OpenVSX extensions got backdoored and I don’t see a public advisory or statement yet. The two security companies here demonstrate how not to handle incidents; while the young AI startup makes the best of a very difficult situation.
klassiker@_lupia_·
@evilsocket @N3mes1s After the hackerbot-claw incident: x.com/AquaSecTeam/st… In the current incident thread they didn't clarify yet if the PAT stolen 3 weeks prior was ever revoked. The malicious docker images were pushed almost 3 days after the third compromise.
Aqua Security@AquaSecTeam

Anthropic’s #Claude recently analyzed open source projects and uncovered hundreds of serious vulnerabilities, many that had existed for years. AI is accelerating vulnerability discovery. Remediation is not keeping up. This is why runtime enforcement matters. hubs.li/Q0469k0M0 #AquaSec #RuntimeSecurity

Simone Margaritelli@evilsocket·
@N3mes1s and not a single mention of the incident on their socials ... it's like nothing's happening for their marketing / PR team XD wtaf
klassiker@_lupia_·
@ramimacisabird @akses_0x00 Signing commits+tags with a separate SSH key had a very low barrier of entry to me and requires a local compromise (even without a password). Using SSH-SK over FIDO2 would be better, but I think signatures don't enforce user presence (yet).
Rami McCarthy@ramimacisabird·
@akses_0x00 nits:
* immutable tags, not just tag rules
* yeet pull_request_target. I've seen too many comments explaining how they made it safe get embarrassed
* signed commits aren't always useful and have poor devex. would not generically recommend.
* pin _everything_ to SHA
* no PATs!!
ɐʞsǝs@akses_0x00·
hardening GH pipelines for public projects to protect against trivy-esque hackerbot-claw style shenanigans
~ GH tag protection rules & block force push to tags
~ yeet anything that uses pull_request_target, or at least separate the trusted and untrusted parts of it. It runs in the privileged repo context even for fork PRs, so it has access to secrets that pull_request wouldn't
~ use CODEOWNERS to ensure approvals happen in high risk areas like .github/workflows/ note this only protects workflow file modifications, not tag poisoning; you need Rulesets for that
~ require signed commits. spoofed commits that are missing GitHub's web-flow GPG sig, is a forensic tell. Enforcing this at the Ruleset level turns this from a lag indicator, into a prevention (I think?)
~ spicy take in 2026 but gate /releases/ behind a protected environment with required human reviewers
~ pinning key action dependencies to full commit SHA instead of mutable version tags
~ ditch long-lived cloud credentials in favour of OIDC ephemeral per run tokens
~ set permissions: read-all at the workflow level and explicitly escalate only where needed per job
~ don't use the old PATs, use new fine-grained ones scoped to specific repos and permissions!
Kamil (๑ت๑)ノ🛩@KamStaszewski

@JamesBerthoty @IceSolst Very vague. Anything in particular that you would recommend? Like s concrete action points to securing CI/CD in this environment.

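As an added example (not part of the thread or any participant's code), a line-based audit for three items from the checklist above: the pull_request_target trigger, actions not pinned to a full commit SHA, and a missing workflow-level permissions block. The sample workflow and the action name `example-org/scan-action` are constructed, and the matching is regex heuristics, not a YAML parser.

```python
import re

# Constructed sample workflow; example-org/scan-action is a hypothetical name.
SAMPLE_WORKFLOW = """\
name: release
on:
  pull_request_target:
    types: [opened]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: example-org/scan-action@0123456789abcdef0123456789abcdef01234567
      - uses: ./.github/actions/local
      - run: make release
"""

USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^'\"\s]+)")
FULL_SHA_RE = re.compile(r"@[0-9a-f]{40}$")


def audit_workflow(text):
    """Return (line_no, finding) pairs; line_no 0 means a file-level finding."""
    findings = []
    has_workflow_permissions = False
    for no, line in enumerate(text.splitlines(), start=1):
        code = line.split("#", 1)[0].rstrip()  # drop trailing comments
        if re.match(r"permissions\s*:", code):  # unindented = workflow level
            has_workflow_permissions = True
        if re.search(r"\bpull_request_target\b", code):
            findings.append((no, "pull_request_target trigger"))
        m = USES_RE.match(code)
        if m:
            ref = m.group(1)
            if ref.startswith("./"):  # local action, versioned with the repo
                continue
            if not FULL_SHA_RE.search(ref):
                findings.append((no, f"not pinned to full commit SHA: {ref}"))
    if not has_workflow_permissions:
        findings.append((0, "no workflow-level permissions block"))
    return findings


if __name__ == "__main__":
    for line_no, finding in audit_workflow(SAMPLE_WORKFLOW):
        print(f"line {line_no}: {finding}")
```

A job-level `permissions:` key is indented and therefore does not satisfy the workflow-level check, which matches the checklist's advice to set a restrictive default and escalate per job.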
klassiker retweeted
Nadim Kobeissi@kaepora·
Today is day 3 of Cryspen leaving a critical nonce reuse vulnerability in a HPKE implementation used by both Signal and OpenMLS unpatched, despite there being a pull request with a tested fix: github.com/cryspen/hpke-r…
klassiker@_lupia_·
npm also does not use integrity for git dependencies, loads them as tarballs and falls back to ssh (with "StrictHostKeyChecking=accept-new" for no reason) even when you typed git+https, all while confusing pinned commits with branches.
klassiker@_lupia_·
npm is refusing to fix this install time RCE, which will not be cached, logged or packaged from git to node_modules, leaving no trace on your machine.
Koidex@GetKoidex

🚨 PackageGate - We've discovered 6 zero-days in JavaScript package managers that bypass the defenses everyone adopted after Shai-Hulud. npm is refusing to fix, so we're blowing the whistle: After Shai-Hulud compromised 700+ packages last November, everyone adopted the same 2 defenses: disable lifecycle scripts and commit lockfiles. We searched for holes in that playbook and found 6 zero-days across npm, pnpm, vlt, and Bun. We're calling this discovery - PackageGate 👇 🛡️ Defense 1 - Disable scripts: Packages can automatically run code when you install them, but the --ignore-scripts flag is supposed to block that. We found bypasses in npm, pnpm, vlt, and Bun - ranging from config hijacks to git loopholes to file overwrites to blind trust in package names. 🔓 Defense 2 - Lockfiles: Lockfiles guarantee you get the exact same code every time you install. We found that pnpm and vlt don't verify externally-hosted packages. Attackers can serve clean code during review, then swap in malware later. ✅ pnpm, vlt, and Bun all patched their exploits within weeks. ❌ npm closed our report as "works as expected." We challenged the decision, requested mediation, and reached out directly to their team. No response. This is the last open vulnerability out of the 6. If your organization depends on npm with --ignore-scripts as your safety net, that net has a hole in it right now. Countless organizations are still vulnerable to a potential Shai Hulud 3.

klassiker@_lupia_·
@orenyomtov npm/rfcs 48 also states "no integrity for git" while confusing pinned commits with branch names and using "StrictHostKeyChecking=accept-new" for ssh connections (also used as a tarball fallback).
Oren Yomtov@orenyomtov·
pnpm patched. Bun patched. vlt patched. npm closed the report. "Works as expected."
Oren Yomtov@orenyomtov·
6 vulnerabilities across npm, pnpm, Bun, and vlt Not in packages. In the package managers themselves
klassiker@_lupia_·
@8kSec It was never meant to verify device integrity, "not recommended" is not a deprecation and CloudFlare ignored the risk this still effectively mitigates. Combining system trust-store + pinning only leaves service disruption as a problem. WhatsApp is using it.
8kSec@8kSec·
If you’re still using pinning to verify device integrity, you’re using the wrong tool for the job. Reverse engineers are bypassing your pins in minutes with Frida, while your actual users are the ones suffering when a CA rotates unexpectedly. This shift in the trust model is a detail most teams are still ignoring. 🔍 This blog explains why: 8ksec.io/why-you-should…