Lead Story | Critical — AI Tool Supply Chain · Developer Credential Theft | Dev · Cloud+DevOps · Enterprise |
|
Nx Console 18.95.0 Compromised for 11 Minutes — Payload Collected GitHub, AWS, and Claude Code Credentials From 2.2 Million Developer Environments
A credential-harvesting payload reached 2.2 million VS Code, Cursor, and JetBrains installs on May 18, 2026, after attackers used a stolen Nx contributor token to publish a compromised extension to the VS Code Marketplace. The exposure window was 11 minutes. Claude Code configuration files were an explicit target.
On May 18, 2026, attackers used a stolen Nx contributor token — obtained in a prior supply chain incident whose origin has not been publicly identified — to push an obfuscated orphan commit into the official nrwl/nx repository and publish Nx Console 18.95.0 to the VS Code Marketplace. Every workspace opened during the 11-minute exposure window automatically fetched a 498 KB payload that drained GitHub tokens, npm credentials, AWS keys, HashiCorp Vault secrets, Kubernetes service account tokens, 1Password vaults, and Claude Code configuration files — then sent them out via HTTPS, the GitHub API, and DNS — three separate paths, each capable of completing the exfiltration on its own. StepSecurity → The Hacker News →
On macOS, the payload dropped a Python backdoor that polled the GitHub Search API for RSA-signed follow-on instructions — a persistence mechanism that survives credential rotation unless the machine itself is remediated. Update to Nx Console 18.100.0 or later and treat every credential accessible from any affected machine as compromised, including AI coding tool API keys and any CI/CD tokens stored in local configuration files.
→ Key Takeaway An 11-minute supply chain window against a 2.2-million-install developer tool confirms that IDE extensions hold a direct path to every credential a developer keeps on their machine — including AI tool configurations that are now an explicit payload target. The attack used no vulnerability in the extension itself: a stolen publisher token and an orphan commit were sufficient. Ask your security and engineering leads whether any developer had Nx Console 18.95.0 installed and opened a workspace on May 18 between 2:36 and 2:47 p.m. CEST — and confirm that credential rotation covering GitHub tokens, AWS keys, and Anthropic API keys has been completed for all affected machines. HARDENED does not endorse or recommend specific vendors. Tools are listed for awareness only. |
Quick Hits
| 01 |
Drupal Patches Highly Critical SQL Injection (CVE-2026-9082) Affecting PostgreSQL-Backed Sites — Unauthenticated RCE Possible
Drupal released SA-CORE-2026-004 on May 20, 2026, addressing CVE-2026-9082, a SQL injection flaw in the core database abstraction API that allows unauthenticated attackers to execute arbitrary queries against PostgreSQL-backed Drupal sites — leading to information disclosure, privilege escalation, or remote code execution; MySQL and MariaDB-backed installations are not affected. The flaw scores 20 out of 25 on Drupal’s risk scale and the Security Team warned that exploits could be developed within hours or days of the advisory’s publication. Organizations running Drupal 10.5.x, 10.6.x, 11.2.x, or 11.3.x on PostgreSQL should confirm the patch has been applied; Government of Canada, provincial, healthcare, and higher-education properties are the highest-exposure Drupal operators in Canada. Drupal SA-CORE-2026-004 → Drupal PSA →
| Critical — Unauthenticated Web Exploitation | IT Ops · Enterprise |
|
CVE Watch
|
CVE Watch
CVE-2026-31635 (DirtyDecrypt, Linux Kernel, CVSS 7.5): PoC Published for RxGK Subsystem Flaw — Patch Available for Fedora, Arch, and openSUSE; Enterprise LTS Distributions Not Affected
The V12 security team, whose researcher Luna Tong operates under the Zellic affiliation, published a PoC exploit for CVE-2026-31635 on May 19, 2026, targeting a memory-handling flaw in the Linux kernel’s RxGK subsystem: an inverted bounds check combined with a missing copy-on-write guard allows crafted input to reach kernel memory without a private copy being made first. Multiple security publications characterize the exploitation path as a local privilege escalation to root; the NVD primary entry currently assigns a network attack vector with availability-only impact, suggesting a kernel crash rather than code execution — the editor should verify the correct exploitation characterization before publication. The April 25, 2026 upstream patch applies to distributions shipping CONFIG_RXGK enabled — Fedora, Arch Linux, and openSUSE Tumbleweed — while Debian Stable, RHEL 8/9, and Ubuntu LTS ship the subsystem disabled and are not affected by default. In containerized environments, confirm with your team whether any production container hosts run an affected kernel version and whether the April 25 patch has been applied. The Hacker News → NIST NVD →
| Vendor: Linux Kernel · CVE: CVE-2026-31635 · CVSS: 7.5 (High) · Affected: Linux kernels with CONFIG_RXGK enabled (Fedora, Arch, openSUSE Tumbleweed) · Fix: Apply April 25, 2026 upstream patch · Exploitation: PoC published May 19, 2026; NVD and secondary sources disagree on impact class — see body |
|
Compliance Tip of the Day
|
NIST CSF 2.0 — GV.SC-07 — Govern: Cybersecurity Supply Chain Risk Management
IDE Extensions Are Software Suppliers — They Belong in Your Third-Party Risk Register
NIST GV.SC-07 requires that risks from suppliers and third parties are understood, recorded, prioritized, assessed, responded to, and monitored over the course of the relationship — a standard most organizations apply to enterprise SaaS contracts but rarely to developer IDE extensions. The Nx Console attack demonstrates what that gap costs: a VS Code extension running with full developer-workstation privileges, installed across millions of machines, with no formal supplier classification, no approval record, and no credential rotation protocol triggered by its compromise. Concrete action (GV.SC-07): Direct your security and engineering leadership to establish a supplier category for IDE extensions and AI coding tool plugins — including an approved-list process, a minimum security review for extensions with broad filesystem or credential access, and a documented response playbook specifying which credentials must be rotated and within what timeframe when a marketplace-level supply chain compromise occurs. NIST CSF 2.0 reference: nist.gov/cyberframework.
|
On Our Radar
UEFI Secure Boot KEK certificate expiry — June 24, 2026: Microsoft’s Corporation KEK CA 2011 expires June 24, 2026; the UEFI CA 2011 follows June 27 and the Windows Production PCA 2011 in October 2026. Organizations should confirm firmware is receiving updates and test any dual-boot Linux configurations before the June 24 deadline. HARDENED has been tracking this since Issue #039; Microsoft’s update guidance is at Microsoft Support →
|
