Sam Stepanyan

974 Followers
129 Following
625 Posts

https://twitter.com/securestep9

#OWASP London Chapter Leader(@OWASPLondon). Application Security (#AppSec) Architect & Consultant. OWASP Global Board Member. OWASP Nettacker Project co-leader. #CISSP

Blog: https://medium.com/@securestep9

#NGINX: An 18-year-old RCE vulnerability, CVE-2026-42945, in the rewrite module enables server takeover. Update to NGINX 1.31.0 or 1.30.1 immediately!
👇
https://thehackernews.com/2026/05/18-year-old-nginx-rewrite-module-flaw.html
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE

NGINX Rift CVE-2026-42945 scores 9.2 after 18 years, enabling unauthenticated RCE or DoS via crafted HTTP requests.

The Hacker News

#Checkmarx is breached again: the GitHub repo of its Jenkins plugin was compromised in a software supply chain hack:
#SoftwareSupplyChainSecurity
👇

https://www.bleepingcomputer.com/news/security/official-checkmarx-jenkins-package-compromised-with-infostealer/

Official CheckMarx Jenkins package compromised with infostealer

Checkmarx warned over the weekend that a rogue version of its Jenkins Application Security Testing (AST) plugin had been published on the Jenkins Marketplace.

BleepingComputer

#npm: TanStack npm packages (84 in total) compromised in a supply chain hack using a malicious payload designed to destroy files on developer machines if a stolen GitHub token is revoked (a "dead man's switch"):
#SoftwareSupplyChainSecurity
👇

https://snyk.io/blog/tanstack-npm-packages-compromised/

TanStack npm Packages Hit by Mini Shai-Hulud | Snyk

On May 11, 2026, the Mini Shai-Hulud worm compromised 84 npm package artifacts across 42 @tanstack/* packages (as well as @squawk/*, @mistralai/* packages, and others) by chaining a GitHub Actions "Pwn Request," cache poisoning, and OIDC token extraction from runner memory, producing the first npm supply chain attack with valid SLSA Build Level 3 attestations. Here's what happened, what was stolen, and what you need to do right now.

Snyk
#SSL: Let's Encrypt Abruptly Stopped TLS Certificate Issuance Due to an Incident:
#LetsEncrypt
👇
https://cybersecuritynews.com/lets-encrypt-halts-certificate-issuance/
The video recording of my talk "Automated Security Testing with OWASP Nettacker" from the NDC Security 2026 Conference in Oslo is now available on YouTube: 🎥
#Nettacker
👇
https://www.youtube.com/watch?v=pGkagJWAMKw
Automated Security Testing with OWASP Nettacker - Sam Stepanyan - NDC Security 2026

YouTube

#NuGet: Malicious NuGet packages mimicked trusted .NET libraries to steal credentials and crypto wallet keys.
The packages:

IR.DantUI, IR.OscarUI, IR.Infrastructure.Core, IR.Infrastructure.DataService.Core, IR.iplus32

included infostealer #malware:
👇
https://gbhackers.com/malicious-nuget-packages-2/

#vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution - patch now!
vm2 is used by 900+ #NPM packages:
👇

https://thehackernews.com/2026/05/vm2-nodejs-library-vulnerabilities.html

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

12 vm2 flaws (CVSS up to 10.0) enable sandbox escape in versions ≤3.11.1, causing remote code execution risk; patched in 3.11.2.

The Hacker News

#NextJS and #React Server Components hit with 12 vulnerabilities, three of them high severity (CVE-2026-44574, CVE-2026-44578, CVE-2026-44581) requiring the most urgent attention and impacting virtually every production Next.js deployment - patch now!

https://www.cyberkendra.com/2026/05/react-and-nextjs-hit-with-12-security.html

React and Next.js Hit With 12 Security Flaws - Three Let Attackers Bypass Auth, Hijack Servers

Vercel and the React team have fixed 13 vulnerabilities affecting Next.js and React Server Components, with three high-severity flaws drawing the most urgent attention from the security community. The issues span middleware bypasses, server-side req…

Cyber Kendra

#PyPI: 3 Python Packages Deliver ZiChatBot #Malware via Zulip APIs on Windows and Linux:

* uuid32-utils
* colorinal
* termncolor

👇
https://thehackernews.com/2026/05/pypi-packages-deliver-zichatbot-malware.html

PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux

ZiChatBot malware spread via 3 PyPI packages in July 2025 uses Zulip APIs as C2, enabling stealthy attacks across systems

The Hacker News
#PaloAlto PAN-OS Vulnerability CVE-2026-0300 Under Active Exploitation - Enables Remote Code Execution (#RCE), CVSS 9.3. No patch released yet, but one is expected soon!
👇
https://thehackernews.com/2026/05/palo-alto-pan-os-flaw-under-active.html
Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution

CVE-2026-0300 exploited via public PAN-OS portal before May 13, 2026 patch, enabling root RCE on firewalls.

The Hacker News