Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs
TL;DR - BlackCat ransomware, npm supply chain abuse, SharePoint-focused vishing, and multiple critical CVEs led today’s risk picture. - Admins should patch exposed apps, review Microsoft 365 identity controls, and hunt for package and data theft indicators. - Urgency is high for internet-facing systems and developer environments.
Top Stories
Former ransomware negotiator sentenced in BlackCat case
A former DigitalMint employee was sentenced to 70 months in prison for participating in BlackCat/ALPHV ransomware attacks against U.S. companies, according to BleepingComputer: https://www.bleepingcomputer.com/news/security/us-ransomware-negotiator-gets-4-years-in-prison-for-blackcat-attacks/.
Why it matters:
This is a reminder that insider access and trusted-response relationships can be abused. Organizations that rely on third-party incident response, negotiation, or recovery services should treat those providers as high-trust partners and verify access pathways accordingly.
What defenders should do: - Reassess privileged access granted to IR retainers and external responders. - Require MFA, just-in-time access, and detailed session logging for third-party support. - Review contract language around data access, logging, and breach notification. - Hunt for unusual access by service accounts used during prior incidents.
OpenMandriva reports attempted internal sabotage
OpenMandriva said a contributor attempted to sabotage the project following an internal dispute, per BleepingComputer: https://www.bleepingcomputer.com/news/security/openmandriva-linux-says-contributor-tried-to-sabotage-the-project/.
Why it matters:
This is a software supply chain governance issue, not just project drama. Open source projects and internal dev teams alike need branch protections, maintainer separation of duties, and auditable release controls.
What defenders should do: - Enforce signed commits and protected branches for critical repos. - Require code owner review for build scripts, packaging, CI workflows, and release artifacts. - Archive and monitor admin actions in Git hosting platforms. - Validate package provenance before promotion into production.
Injective SDK on npm infected with wallet stealer
Attackers compromised the Injective Labs SDK GitHub repository and published a malicious npm package that stole private keys and mnemonic seed phrases, according to BleepingComputer: https://www.bleepingcomputer.com/news/security/injective-sdk-on-npm-infected-with-cryptocurrency-wallet-stealer/.
Why it matters:
This is a direct developer ecosystem and CI/CD risk. Malicious packages can move from dependency installation to credential theft quickly, especially in crypto, fintech, and Web3 environments.
Immediate actions: - Identify any environment that installed the affected package versions. - Rotate cryptocurrency wallet material and API credentials potentially exposed on developer systems. - Review CI logs and build containers for package install events. - Enable dependency pinning, lockfile verification, and package integrity controls.
Technical Notes
Example quick triage for npm-based environments:
# Search local package manifests and lockfiles
grep -R "injective" ./
# Review npm install history where shell history is retained
history | grep npm
# Inspect package dependency tree
npm ls | grep injective
# Check CI pipelines for package installs
grep -R "npm install\|npm ci" .github/ .gitlab-ci.yml Jenkinsfile 2>/dev/null
Useful places to review: - Developer workstation shell history - CI runner logs - Container image build definitions - Secrets stores accessed after package installation
Helix emerges with SharePoint-focused vishing and MFA abuse
A newly tracked extortion group called Helix is using vishing, device code phishing, and MFA abuse to steal data from SharePoint environments, BleepingComputer reports: https://www.bleepingcomputer.com/news/security/new-helix-vishing-group-emerges-in-sharepoint-data-thief-attacks/.
Why it matters:
This is another sign that identity is the perimeter. Attackers do not need malware if they can socially engineer users into granting access or approving authentication flows.
What to review in Microsoft 365 today: - Device code authentication policies - Conditional Access coverage for SharePoint and OneDrive - MFA fatigue protections and number matching - External sharing settings and anomalous bulk downloads - Privileged role assignments tied to collaboration platforms
Technical Notes
Microsoft 365 defenders should review sign-in telemetry for device code abuse and suspicious SharePoint access patterns.
Example hunt ideas:
Indicators to look for:
- Sign-ins using device code flow from unusual ASNs or geographies
- MFA approvals followed by immediate SharePoint download spikes
- New inbox rules or OAuth grants near the same timestamp
- Bulk file access from users who normally do not use SharePoint heavily
- User-agent changes during the same session chain
If you export Entra ID and Microsoft 365 telemetry to SIEM, prioritize: - impossible travel around successful authentications - bursts of file operations - unusual consent grants - anomalous help-desk themed communications preceding account misuse
Microsoft expects more Windows fixes from AI-discovered flaws
Microsoft said customers should expect more Windows security updates as AI is used more heavily to find vulnerabilities, according to BleepingComputer: https://www.bleepingcomputer.com/news/microsoft/microsoft-expects-more-windows-security-updates-from-ai-discovered-flaws/.
Why it matters:
This is not a single vulnerability story, but it does affect patch operations. Security teams should plan for increased patch cadence and more frequent risk-based prioritization.
Operational takeaway: - Tighten test-and-deploy SLAs for Windows updates. - Improve patch exception handling. - Track exploitability and exposure separately from CVSS.
Forg365 uses AI to target Microsoft 365 accounts
A phishing-as-a-service platform called Forg365 is using adversary-in-the-middle and device code methods, plus AI-assisted lure generation, to target Microsoft 365 accounts, reports BleepingComputer: https://www.bleepingcomputer.com/news/security/new-forg365-phishing-platform-uses-ai-to-target-microsoft-365-accounts/.
Why it matters:
This is a mature blend of phishing tradecraft and identity abuse. AI lowers the cost of personalization, while device code and AiTM tactics can bypass weaker awareness controls.
Defender response: - Expand phishing-resistant MFA where possible. - Block or tightly govern device code flow for users who do not need it. - Train help-desk staff on callback scams and MFA manipulation. - Review reverse proxy and token theft detections in mail and identity telemetry.
EU moves against member states over cybersecurity law delays
The EU is taking member states to court over failure to implement a cybersecurity law, according to The Record via Google News: https://news.google.com/rss/articles/CBMigwFBVV95cUxNa1pJUTBqb2hJNnlUSTltLWFQS0RBaVFQLTZpWHRRaFF4TUVGNUxZbUlZbmJSM0VqMXJPbl9lUkF6bTJfY3RwdkI3Vi1pZUJseXhtR3d3N3o3UkhmbUl6NlZ1MWhJeW1qeW5taFZWYlZsMlE3bk85ZWNGc213bk9IYy1fOA?oc=5.
Why it matters:
For multinationals and regulated SMBs, enforcement pressure means governance deadlines can become operational quickly. Teams should confirm which cyber regulations apply by geography and sector.
Global anti-fraud operation leads to 5,811 arrests
International law enforcement arrested 5,811 suspects and seized $293 million in illicit assets during a coordinated anti-fraud operation across 97 countries, per BleepingComputer: https://www.bleepingcomputer.com/news/security/police-arrests-5-800-suspects-in-global-anti-fraud-crackdown/.
Why it matters:
This scale shows fraud remains heavily industrialized. Security teams should expect continued overlap between fraud, phishing, identity theft, and business email compromise activity.
Critical Vulnerabilities
CVE-2026-59726: Ruflo unauthenticated MCP bridge exposure
- Severity: CVSS 10.0
- Affected product: Ruflo before 3.16.3
- Issue: Default docker-compose deployment exposed
POST /mcpandPOST /mcp/:groupwithout authentication, allowing unauthenticated access to tool execution and shell access in the bridge container. - References: GitHub advisory and fixes at https://github.com/ruvnet/ruflo/security/advisories/GHSA-c4hm-4h84-2cf3, https://github.com/ruvnet/ruflo/commit/d00a0a40cd8bdbca877ac7f675f416bdc69accd1, and release notes at https://github.com/ruvnet/ruflo/releases/tag/v3.16.3.
So what?
If exposed to untrusted networks, this can lead to remote shell access, API key theft, and tampering with agent learning stores. This is especially risky for teams experimenting with agent frameworks in cloud or lab environments.
Action: - Upgrade to 3.16.3 immediately. - Restrict access to MCP bridge endpoints at the network layer. - Rotate provider API keys if exposure is possible. - Review containers for unauthorized command execution.
Technical Notes
Quick exposure checks:
# Replace host and port as needed
curl -i http://HOST:PORT/mcp
curl -i -X POST http://HOST:PORT/mcp
curl -i -X POST http://HOST:PORT/mcp/default
Container review examples:
docker ps
docker logs <bridge-container> --since 72h
docker exec -it <bridge-container> /bin/sh
Look for:
- unexpected tools/call activity
- shells launched from bridge processes
- outbound connections to unfamiliar hosts
- leaked provider credentials in environment variables or mounted config
CVE-2026-59827: Metabase H2 deserialization can lead to code execution
- Severity: CVSS 9.9
- Affected product: Metabase before 1.58.15, 1.59.12, 1.60.6.3, and 1.61.1.4
- Issue: Authenticated users able to run native H2 queries could trigger unsafe Java deserialization from result columns of type
OTHER. - References: Fixes and releases at https://github.com/metabase/metabase/commit/00f42511fe3bc4385652a2e96862ee6fd7d42cf8, https://github.com/metabase/metabase/releases/tag/v0.58.15, https://github.com/metabase/metabase/releases/tag/v0.59.12, https://github.com/metabase/metabase/releases/tag/v0.60.6.3, and https://github.com/metabase/metabase/releases/tag/v0.61.1.4.
So what?
This is serious for self-hosted Metabase deployments where native query execution is broadly available. Even though the attack requires authenticated access and H2 usage, many internal analytics tools have loose permissions.
Action: - Patch to a fixed version immediately. - Review which users and groups can execute native queries. - Migrate away from H2 in production if still in use. - Inspect server logs for suspicious query execution.
Technical Notes
Useful checks for admins:
# Check version in containerized deployments
docker ps --format "table {{.Names}}\t{{.Image}}"
# Search config or environment for H2 usage
grep -R "h2" /opt/metabase /etc/metabase 2>/dev/null
env | grep -i metabase
Review for:
- unexpected native H2 queries
- new admin or analyst accounts
- process spawns by the Metabase service user
- outbound network activity from the Metabase host
CVE-2026-15158: Blocksy Companion Pro arbitrary file upload
- Severity: CVSS 9.8
- Affected product: Blocksy Companion Pro up to 2.1.46 under specific conditions
- Issue: File validation accepted filenames containing
.woff2or.ttfas substrings, enabling double-extension uploads such asshell.woff2.php. - Exploitation conditions: Requires the premium plugin plus both WooCommerce Extra (Advanced Reviews) and Custom Fonts extensions active.
- Reference: Wordfence and code references at https://www.wordfence.com/threat-intel/vulnerabilities/id/2df449b4-3f3b-4afc-b391-8d8d11710c07?source=cve and WordPress Trac links cited in the CVE.
So what?
This is an internet-facing WordPress RCE path in certain commercial configurations. If the affected extensions are enabled, unauthenticated attackers may be able to upload executable files.
Action: - Identify sites running Blocksy Companion Pro with the affected extensions enabled. - Disable vulnerable functionality until a fixed release is confirmed and deployed. - Hunt for suspicious uploads in web-accessible directories. - Review web server logs for POST requests to upload endpoints.
Technical Notes
Basic WordPress triage:
# Find suspicious PHP files with double extensions
find /var/www -type f \( -name "*.php" -o -name "*.phtml" \) | grep -E "woff2|ttf"
# Recent uploads
find /var/www -type f -mtime -7 | sort
# Apache/Nginx log review
grep -R "POST" /var/log/nginx /var/log/apache2 2>/dev/null | grep -i "upload\|font\|review"
Watch for:
- files like *.woff2.php or *.ttf.php
- sudden creation of web shells in uploads directories
- requests followed by command execution or outbound callbacks
CVE-2026-5955: BiEticaret SQL injection
- Severity: CVSS 9.8
- Affected product: BiEticaret before 3.3.57
- Issue: SQL injection vulnerability.
- Reference: Advisory at https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0519.
So what?
If internet-facing, SQL injection can lead to database compromise, credential theft, and potentially application takeover depending on deployment architecture.
Action: - Upgrade to 3.3.57 or later. - Review WAF logs for SQLi payloads. - Rotate database credentials if compromise is suspected. - Check for unauthorized admin creation and data export.
CVE-2026-12116: Xerte Online Tools RCE via antivirus path setting
- Severity: CVSS 9.8
- Affected product: Xerte Online Toolkits / Xerte Online Tools
- Issue: An attacker could alter the antivirus binary path to a PHP interpreter and upload PHP data for execution.
- References: Vendor project fix and advisory at https://github.com/thexerteproject/xerteonlinetoolkits/commit/8ef20628f80bd88bd1fe3e5844a9116a910086b7, https://github.com/thexerteproject/xerteonlinetoolkits/issues/1543, and https://www.xerte.org.uk/index.php/en/news/blog/80-news/364-xerte-3-14-and-3-15-important-security-update.
So what?
This is a straightforward RCE path in a web application commonly used in education and training contexts, where patching may lag and internet exposure is common.
Action: - Apply the project’s security update. - Restrict admin access to trusted networks. - Audit tool server settings for unexpected binary paths. - Review uploads and process execution history on the host.
Technical Notes
Quick Linux checks:
grep -R "antivirus" /var/www /etc 2>/dev/null
ps aux | grep -i php
find /var/www -type f -mtime -7 | grep -i ".php"
What Defenders Should Do Today
1) Patch exposed and high-risk systems first
Prioritize internet-facing or broadly accessible deployments of: - Ruflo - Metabase - WordPress sites using Blocksy Companion Pro in the affected configuration - BiEticaret - Xerte Online Tools
Use asset inventory plus external attack surface validation to confirm exposure before close of business.
2) Tighten Microsoft 365 identity controls
Given the Helix and Forg365 activity, review: - Device code flow usage - Conditional Access coverage - MFA fatigue resistance - SharePoint download anomalies - OAuth app consent and token abuse monitoring
3) Hunt for supply chain impact in dev and CI environments
Focus on: - npm package installs linked to the Injective SDK incident - unexpected GitHub admin actions - build artifact changes - secrets accessed after suspicious package updates
4) Review third-party and internal privileged access
The BlackCat sentencing story and OpenMandriva sabotage report both reinforce the same control theme: - least privilege - session recording - temporary access grants - separation of duties - strong audit trails
5) Validate logging coverage
Make sure you can answer these quickly: - Who authenticated using device code flow this week? - Which WordPress sites accepted uploads recently? - Which containers executed shells unexpectedly? - Which CI jobs pulled modified dependencies in the last 72 hours? - Which analytics users can run native queries in Metabase?
Technical Deep Dive
Fast command checklist
# External exposure spot check
nmap -sV <target>
# Find recent suspicious files on Linux web hosts
find /var/www -type f -mtime -3
# Review recent auth logs
journalctl --since "3 days ago" | grep -Ei "sudo|ssh|session|auth"
# Check container restarts and images
docker ps -a
docker images
Log patterns worth prioritizing
Identity:
- Device code sign-ins from rare locations
- MFA prompts followed by unusual file access
Web apps:
- POST requests to upload endpoints
- Repeated SQL syntax errors or UNION/SELECT payloads
- Requests for newly created PHP files
Containers and servers:
- Child shells spawned by application services
- New outbound connections after admin logins
- Secrets accessed shortly after dependency updates
Bottom Line
Today’s biggest practical risks are not abstract. They are exposed application flaws, identity-centric phishing, and software supply chain compromise. Patch the critical CVEs, lock down Microsoft 365 authentication paths, and review developer and third-party trust assumptions. The stories are different, but the defensive pattern is the same: reduce implicit trust, increase visibility, and act on exposed systems first.
This article may contain affiliate links. We earn a commission on qualifying purchases at no extra cost to you. ```