Endor Labs flagged a follow-on supply chain attack <20h after initial reports.
After malicious releases in [email protected] and [email protected] were pulled, new versions dropped with identical payloads + new deps in 43 mins.
Attacker still active.
AURI by Endor Labs is built for the AI-SDLC where agents write, review, and ship code.
Learn more:
www.endorlabs.com/learn/introducing-auri-security-intelligence-for-ai-coding-agents-and-developers
CVE-2026-25896 (CVSS 9.3) disclosed in fast-xml-parser
A critical entity encoding bypass affects fast-xml-parser (40M+ weekly npm downloads).
-Allows attackers to shadow built-in XML entities (<, >, &, ", ')
-Can lead to XSS or injection when parsing untrusted XML and rendering the output
-Exploitable with default settings (processEntities: true)
-Impacts >= 4.1.3 and < 5.3.5, including transitive dependencies
Fix: upgrade to v5.3.5+
Advisory: GHSA-m7jm-9gc2-mpf2
https://www.endorlabs.com/learn/cve-2026-25896-fast-xml-parser
Today we're announcing Container Reachability, delivering full-stack reachability across application and base layers.
The results?
90% reduction in container vulnerability false positives
Evidence-based prioritization of vulnerabilities
A unified platform for SCA,SAST, and container scanning
www.endorlabs.com/learn/introducing-full-stack-reachability-container-scanning-that-actually-reduces-noise
AI is great at copying homework, including the mistakes.
A 2025 study found:
â 15/20 AI snippets had design flaws
â 6/20 were invisible to security tools
AI follows patterns, not logic, effectively amplifying your code's existing flaws.
Read the full research:
https://www.endorlabs.com/learn/design-flaws-in-ai-generated-code
101 fake font packages.
4.3 petabytes transferred.
Zero malware.
This wasnât a supply-chain attack. npm was quietly used as a CDN at massive scale.
Henrik Plate explains how it happened and why abuse, not just malware, is becoming a serious OSS sustainability risk.
https://endorlabs.com/learn/how-fake-font-packages-abused-npm-as-a-cdn
We discovered a critical pgAdmin vulnerability (CVE-2025-13780): whitespace bypassed a regex meant to block dangerous psql meta-commands.
A great example of why regex is fragile for input validation.
Deep dive:
https://www.endorlabs.com/learn/when-regex-isnt-enough-how-we-discovered-cve-2025-13780-in-pgadmin
A patch in Argo Workflows was supposed to fix a ZipSlip issue⊠but it didnât.
Our research uncovered CVE-2025-66626 â a validation bug that let malicious tarballs escape the working directory and reach RCE.
Full write-up:
https://www.endorlabs.com/learn/when-a-broken-fix-leads-to-rce-how-we-found-cve-2025-66626-in-argo
Shai Huludâs latest wave shows cross-ecosystem spread: an infected posthog-node package was rebundled as a Java archive and pushed to Maven Central via mvnpm.
Version 4.18.1 is removed, and other rebundles appear clean.
Key point: malware is now moving between ecosystems automatically.
