CTI Afternoon Update — 2026-04-04

TL;DR

The morning's "no material change" on the Axios npm compromise was premature — BleepingComputer published the post-mortem revealing the social engineering vector: a fake Microsoft Teams error-fix lure used by DPRK-attributed Stardust Chollima to hijack the maintainer's account and push malicious code to ~100M+ weekly downstream consumers. This is now a confirmed nation-state supply chain compromise with a novel, replicable SE technique. Separately, device code phishing kits have driven a 37x YoY surge in OAuth MFA-bypass attacks — the fourth data point this week confirming MFA bypass is being industrialized. If you haven't disabled device code flow in Entra ID conditional access, do it today.


Critical / Act now

UPDATE: Axios npm supply chain compromise — SE vector revealed, DPRK/Stardust Chollima attributed

Since morning: This was listed as "continuing, no material change" in the AM digest. That assessment is now wrong. BleepingComputer published a post-mortem detailing the attack chain: a DPRK-attributed actor (Stardust Chollima per CrowdStrike) socially engineered an Axios maintainer using a fake Microsoft Teams error-fix walkthrough — the kind of "paste this into PowerShell to fix your issue" pretext that works because developers are conditioned to follow obscure troubleshooting steps. The maintainer's npm credentials were harvested, and malicious code was published directly to the package. Axios pulls ~100M+ weekly downloads and is a transitive dependency of effectively the entire Node.js ecosystem (T1195.001, T1566, T1078). Covered by 2 sources.

The SE vector is the genuinely new intelligence here and it's bad in a generalizable way. "Fake IT error walkthrough" is a low-sophistication, high-trust pretext that works against any developer or maintainer with elevated package registry credentials — and it's now a confirmed DPRK playbook. Immediate actions: (1) audit axios versions in your build pipelines and compare published hashes against known-good, (2) hunt for anomalous outbound connections from Node.js build environments, (3) treat any axios version published during the compromise window as untrusted until cleared, (4) brief your internal npm/PyPI package maintainers on this specific pretext — it will be reused. The choice of axios is tactically shrewd and consistent with DPRK's escalating pattern of targeting software supply chain chokepoints. The blast radius here is potentially SolarWinds-class if the injected payload was a credential harvester sitting in every npm install across the ecosystem.
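A worked version of actions (1) and (3) above, added here as an example and not taken from the reporting: it walks a package-lock.json (v1 and v2/v3 layouts), lists every installed copy of axios including nested copies, and flags any whose integrity hash is not in a known-good allowlist or whose version falls in the compromise window. The allowlist, the suspect-version set and the lockfile contents are constructed placeholders; the reporting does not name the affected versions.

```python
import json
from typing import Dict, Iterator, Tuple

# Constructed sample package-lock.json (lockfile v3 layout). The axios
# versions and integrity hashes below are placeholders, not real values.
SAMPLE_LOCKFILE = json.dumps({
    "lockfileVersion": 3,
    "packages": {
        "node_modules/axios": {"version": "1.7.9", "integrity": "sha512-KNOWNGOOD"},
        "node_modules/some-sdk/node_modules/axios": {"version": "1.8.0", "integrity": "sha512-UNKNOWN"},
    },
})

# Placeholder allowlist: version -> integrity recorded from a trusted snapshot
# taken before the compromise window (fill from your own artifact store).
KNOWN_GOOD = {"1.7.9": "sha512-KNOWNGOOD"}
# Placeholder: versions published inside the compromise window (not public yet).
SUSPECT_VERSIONS = {"1.8.0"}


def iter_packages(lock: dict, name: str) -> Iterator[Tuple[str, dict]]:
    """Yield (install path, entry) for every copy of `name` in the lockfile,
    including nested copies under other packages' node_modules."""
    if "packages" in lock:                      # lockfile v2 / v3
        for path, entry in lock["packages"].items():
            if path.endswith("node_modules/" + name):
                yield path, entry
    else:                                       # lockfile v1: nested "dependencies"
        def walk(deps: dict, prefix: str):
            for dep, entry in deps.items():
                path = f"{prefix}node_modules/{dep}"
                if dep == name:
                    yield path, entry
                yield from walk(entry.get("dependencies", {}), path + "/")
        yield from walk(lock.get("dependencies", {}), "")


def audit_axios(lock_text: str) -> Dict[str, str]:
    """Return {path: verdict}; 'ok' only when version and hash match known-good."""
    verdicts = {}
    for path, entry in iter_packages(json.loads(lock_text), "axios"):
        ver, integrity = entry.get("version"), entry.get("integrity")
        if ver in SUSPECT_VERSIONS:
            verdicts[path] = f"UNTRUSTED: {ver} published in compromise window"
        elif KNOWN_GOOD.get(ver) != integrity:
            verdicts[path] = f"MISMATCH: {ver} hash not in known-good allowlist"
        else:
            verdicts[path] = "ok"
    return verdicts


if __name__ == "__main__":
    for path, verdict in audit_axios(SAMPLE_LOCKFILE).items():
        print(f"{path}: {verdict}")
```

Run it against each lockfile committed in your build pipelines; any verdict other than "ok" is a copy to pin or remove before the next install.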

Device code phishing kits drive 37x surge in OAuth MFA-bypass attacks

Since morning: The AM digest flagged MFA bypass commoditization as a week-defining trend (EvilTokens, VENOM, and the Coca-Cola/Ferrari AiTM kit). This afternoon's BleepingComputer report puts hard numbers on the device code flow variant specifically: 37x year-over-year growth, driven by new commoditized kits now circulating among mid-tier threat actors and BEC operators. The technique abuses the legitimate OAuth 2.0 Device Authorization Grant — the victim authenticates themselves at a real Microsoft/Google auth page after being socially engineered into entering an attacker-supplied device code — meaning FIDO2, TOTP, push, and SMS MFA are all bypassed entirely (T1528, T1550.001).

This is the fourth MFA-bypass technique surfaced in seven days. The 37x growth figure confirms what the pattern already suggested: MFA bypass has crossed from nation-state capability to commodity tooling. Mitigation is straightforward but requires proactive configuration: disable device code flow in Entra ID conditional access (or equivalent IdP policy) unless explicitly required for IoT/TV/kiosk use cases. If your conditional access policies don't address device code flow, you have a gap that commodity actors are now actively exploiting at scale.
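Added example (not from the report) of the two defender-side checks this implies: lint an export of Entra Conditional Access policies for an enforced policy that blocks the device code grant for all users and all apps, and hunt an export of sign-in records for sign-ins that completed via the device code grant. Field names follow the Microsoft Graph conditionalAccessPolicy and signIn resources; the policy and sign-in records are constructed samples.

```python
import json
from typing import List

# Constructed sample: two Conditional Access policies shaped like the Microsoft
# Graph conditionalAccessPolicy resource (only the fields checked here).
SAMPLE_POLICIES = json.dumps([
    {"displayName": "Require MFA for all users", "state": "enabled",
     "conditions": {"users": {"includeUsers": ["All"]},
                    "applications": {"includeApplications": ["All"]},
                    "authenticationFlows": None},
     "grantControls": {"builtInControls": ["mfa"]}},
    {"displayName": "Block device code flow", "state": "enabledForReportingButNotEnforced",
     "conditions": {"users": {"includeUsers": ["All"]},
                    "applications": {"includeApplications": ["All"]},
                    "authenticationFlows": {"transferMethods": "deviceCodeFlow"}},
     "grantControls": {"builtInControls": ["block"]}},
])

# Constructed sample sign-in records (Graph signIn resource fields only).
SAMPLE_SIGNINS = json.dumps([
    {"userPrincipalName": "alice@example.test", "authenticationProtocol": "oAuth2",
     "appDisplayName": "Outlook", "ipAddress": "203.0.113.5"},
    {"userPrincipalName": "bob@example.test", "authenticationProtocol": "deviceCode",
     "appDisplayName": "Microsoft Authentication Broker", "ipAddress": "198.51.100.7"},
])


def device_code_blocked(policies_text: str) -> bool:
    """True only if an ENFORCED policy blocks device code flow for all users/apps.
    Report-only policies do not count; that gap is exactly what the kits exploit."""
    for p in json.loads(policies_text):
        flows = (p.get("conditions") or {}).get("authenticationFlows") or {}
        methods = {m.strip() for m in (flows.get("transferMethods") or "").split(",")}
        if (p.get("state") == "enabled"
                and "deviceCodeFlow" in methods
                and "block" in p.get("grantControls", {}).get("builtInControls", [])
                and p["conditions"]["users"].get("includeUsers") == ["All"]
                and p["conditions"]["applications"].get("includeApplications") == ["All"]):
            return True
    return False


def device_code_signins(signins_text: str) -> List[str]:
    """Hunt: list users whose sign-in completed via the device code grant."""
    return [f"{s['userPrincipalName']} from {s['ipAddress']} ({s['appDisplayName']})"
            for s in json.loads(signins_text)
            if s.get("authenticationProtocol") == "deviceCode"]


if __name__ == "__main__":
    print("device code flow blocked:", device_code_blocked(SAMPLE_POLICIES))  # False (report-only)
    for hit in device_code_signins(SAMPLE_SIGNINS):
        print("device code sign-in:", hit)
```

Every hit from the sign-in hunt that is not a documented IoT, TV or kiosk enrollment deserves a token revocation and a look at the user's mailbox rules.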


Notable

Vidar infostealer campaign targets developers via fake Claude Code GitHub repos

Threat actors are exploiting the recent Claude Code source code leak to stand up fake GitHub repositories delivering Vidar infostealer to developers who clone or run the lure project. The social engineering angle is sharp — developers actively curious about the leaked AI agent codebase are the target demographic, and the timing is opportunistic. Vidar on a developer machine is a gateway to pipeline compromise: stolen SSH keys, AWS credentials, npm auth tokens, GitHub PATs. No IOCs in current reporting; watch for follow-up with hashes. Brief developer-facing security teams. (DataBreaches.net)

Thematically linked to the Axios compromise above — both target developers specifically, and a Vidar-compromised developer machine is exactly the kind of credential source that enables the next maintainer account hijack.

Mercor AI data contractor breach — Meta and major AI labs suspend engagement

Meta has indefinitely paused all work with Mercor, an AI data contracting firm, after a significant breach. Other frontier AI labs are also reevaluating. Mercor handles sensitive data contracting — training data, model evaluations, proprietary development artifacts — across multiple organizations simultaneously, creating classic shared-supplier concentration risk. If Mercor had pipeline access beyond data handling, the blast radius widens considerably. Sparse details; watch for Wired follow-up on scope and attribution. (DataBreaches.net)

This is the data supply chain variant of the week's supply chain theme — not a package registry compromise but a third-party supplier sitting inside multiple orgs' AI development pipelines. Feeds into the morning's "agentic AI security surface" pattern.

Iran-US-Israel kinetic escalation: cyber threat posture implications

The kinetic conflict has entered week six with significant escalation: an F-15E shot down over Iran, an A-10 lost near Hormuz, and Iran has effectively closed the Strait of Hormuz (~20% of global oil and LNG transit). A projectile struck a perimeter building at Bushehr nuclear plant; Rosatom evacuated personnel. Historically, IRGC-affiliated groups (APT33, APT34, Charming Kitten) ramp up destructive and espionage operations against US and Israeli targets during kinetic escalation periods. Strait closure creates energy sector targeting incentive. The Bushehr strike adds a nuclear-adjacent dimension warranting elevated monitoring of Iranian ICS/SCADA targeting. Combined with this morning's Handala/Stryker wiper confirmation, Iranian cyber proxy operations are running hot. (Defense News)

Cyberattack disrupts emergency communications for four Massachusetts towns

The Patriot Regional Emergency Communications Center was hit by a cyberattack identified early Tuesday, disrupting police and fire department communications across Ashby, Dunstable, Pepperell, and Townsend. No attribution, TTPs, or IOCs available. The shared-infrastructure model — one center serving four municipalities — demonstrates the blast radius multiplier of consolidated public safety infrastructure. Profile is consistent with ransomware but no group has claimed. (DataBreaches.net)

LinkedIn "BrowserGate": covert enumeration of 6,000+ Chrome extensions on visitors

BleepingComputer reports LinkedIn deploys hidden JavaScript scanning visitors' browsers for 6,000+ Chrome extensions and collecting device data without disclosure (T1592.001). The technique is functionally identical to browser fingerprinting used in malicious pre-recon. No immediate operational threat, but the dual-use nature is worth noting — and the regulatory exposure under GDPR is substantial. (BleepingComputer)


Routine

Continuing stories — no material change since morning:

New but low-priority:


Noise

~62 entries skipped: 46 vulnerability (mass VulDB batch of 2016/2018-era CVE backdates, obscure PHP web app SQLi, dead apps); 14 general (8 empty CrowdStrike marketing posts continuing their tireless campaign to fill RSS feeds with nothing, duplicate HN entries, off-topic items); 1 malware (HTB CTF writeup misrouted as threat intel); 1 social-engineering (clean sweep — both SE entries were actionable).


The afternoon's dominant signal is the Axios compromise graduating from "no material change" to "confirmed DPRK supply chain compromise with a novel, replicable social engineering vector." The fake Teams error-fix pretext will be reused — it's too effective and too simple not to be. Combined with the 37x surge in device code phishing, the week's MFA-bypass theme now has a fifth confirmed technique in seven days. The defense posture question isn't whether your MFA can be bypassed — it can — but whether your conditional access policies and token hygiene are configured to limit the blast radius when it is. Meanwhile, the Iran kinetic escalation provides the geopolitical backdrop for the Handala wiper activity confirmed this morning; expect Iranian cyber proxy tempo to remain elevated as long as Hormuz is closed.