Sam Stepanyan  🐘


https://twitter.com/securestep9

#OWASP London Chapter Leader (@OWASPLondon). Application Security (#AppSec) Architect & Consultant. OWASP Global Board Member. OWASP Nettacker Project co-leader. #CISSP

Blog: https://medium.com/@securestep9

⚠️#Axios #npm package which is very widely used (83M weekly downloads) was compromised, turning installs into #malware 😨
This supply chain attack has a large-scale impact: many JavaScript apps nowadays use Axios:
#SoftwareSupplyChainSecurity
👇
https://thehackernews.com/2026/03/axios-supply-chain-attack-pushes-cross.html
Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying cross-platform RAT malware.

The Hacker News
#AI: "Copilot Edited an Ad Into My PR!" - in a first report of this kind #GitHub #Copilot injected an ad into a Pull Request text:
👇
https://notes.zachmanson.com/copilot-edited-an-ad-into-my-pr/

#OpenAI: recent vulnerabilities showed how AI systems can expose sensitive data:

* One allowed sensitive conversation data to be exfiltrated
* Another enabled GitHub token theft from Codex using the branch name parameter

#AISecurity
👇 https://thehackernews.com/2026/03/openai-patches-chatgpt-data.html

OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability

ChatGPT and Codex flaws patched Feb 2026 exposed DNS exfiltration and GitHub tokens, raising enterprise AI security risks.

The Hacker News
How to catch GitHub Actions workflow injections before attackers do

Strengthen your repositories against actions workflow injections — one of the most common vulnerabilities.

The GitHub Blog

#LiteLLM Compromised! LiteLLM - a popular Python Library used by a lot of AI tooling got compromised on PyPI, and the malicious versions are stealing everything they can find on your machine:

#SoftwareSupplyChainSecurity

👇
https://www.xda-developers.com/popular-python-library-backdoor-machine/

A popular Python library just became a backdoor to your entire machine

Supply chain attacks feel like they're becoming more and more common.

XDA

#Checkmarx GitHub Actions and Open VSX extensions hacked and replaced with malware by the same TeamPCP who hacked Trivy last week.

#SoftwareSupplyChainSecurity
👇
https://thehackernews.com/2026/03/teampcp-hacks-checkmarx-github-actions.html

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

TeamPCP compromised 2 GitHub Actions post-March 19, 2026 breach, enabling credential theft and supply chain attacks.

The Hacker News

#Citrix Urges Patching Critical NetScaler Vulnerabilities CVE-2026-3055 & CVE-2026-4368 Allowing Unauthenticated Data Leaks. This looks like another incarnation of #CitrixBleed!

Defenders need to act quickly. Patch Now!
👇
https://thehackernews.com/2026/03/citrix-urges-patching-critical.html

Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks

Citrix fixes CVE-2026-3055 memory flaw in NetScaler, enabling data leaks in SAML setups, raising risk of imminent exploitation.

The Hacker News

Join us to celebrate OWASP's 25th Anniversary at the next OWASP London Chapter Meetup on March 31.

Doors open at 6pm - there will be talks from Amir Shamiri and @ivanristic, pizza 🍕, drinks 🍻, raffle 🎟️, balloons 🎈 and a cake 🎂!

Register here:
👇
https://www.eventbrite.co.uk/e/owasp-25th-anniversary-owasp-london-chapter-meetup-in-person-tickets-1985556840961

#Trivy, a popular open-source vulnerability scanner, was compromised - attackers hijacked 75 version tags in #GitHub Actions to deliver an infostealer.

It ran in CI pipelines, stealing creds and tokens, exfiltrating data:
#SoftwareSupplyChainSecurity
👇
https://thehackernews.com/2026/03/trivy-security-scanner-github-actions.html

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.

The Hacker News

Today I am re-watching: "Achieving Secure Continuous Delivery" - a talk presented by Lucian Corlan and Chris Rutter at the @OWASPLondon meetup back in 2016. Featuring #ChuckNorris meme:

#SecureSDLC
👇
https://www.youtube.com/watch?v=HyBhsH5Eo8s

Achieving Secure Continuous Delivery - Chris Rutter and Lucian Corlan

YouTube