☕ Good Morning Security Gang,
Today’s show highlights something we’ve been discussing repeatedly throughout the year: trust itself is becoming the primary attack surface.
Whether it’s trust in Active Directory, trust in AI support agents, trust in open-source software packages, trust in websites from Harvard and Oxford, or trust in software supply chains, attackers are increasingly targeting the systems and relationships we depend on most. The technical vulnerabilities matter, but what we’re really seeing is the systematic erosion of digital trust across every layer of enterprise technology.
Today’s episode featured eleven major stories spanning actively exploited Windows vulnerabilities, AI-powered account takeovers, software supply chain compromises, large-scale website hijacking campaigns, cloud security concerns, and several important developments in the security research community. The pace of both attacks and defensive responses continues to accelerate, forcing organizations to rethink how quickly they can identify, prioritize, and mitigate risk.
📰 Top Stories
“The attacker playbook has converged on trust infrastructure as the attack surface.” James Azar
🚨 Windows Netlogon Vulnerability Being Compared to Zerologon
The most urgent story of the day centered on CVE-2026-21176, a critical Netlogon vulnerability affecting Windows Domain Controllers that security researchers are already comparing to the infamous Zerologon flaw.
The vulnerability is a pre-authentication, zero-click, stack-based buffer overflow within the Netlogon service. Attackers require only a single specially crafted network packet to achieve system-level code execution directly on a Domain Controller. No credentials, no user interaction, and no prior access are required. Microsoft patched the issue during May’s Patch Tuesday release, but organizations that have not yet updated their Domain Controllers remain vulnerable today.
This vulnerability is particularly dangerous because Domain Controllers remain the crown jewels of most Windows environments. Once an attacker gains control of a Domain Controller, the path to full forest compromise becomes significantly easier. The attack continues a broader trend we’ve observed throughout 2026 where identity infrastructure has become the primary target for both ransomware operators and nation-state actors.
Organizations should immediately verify patch deployment, confirm Netlogon protections are enabled, and ensure critical services such as SMB and RPC are not exposed externally.
🤖 Meta AI Accidentally Handed Out Instagram Accounts
One of the most talked-about stories today involved Meta’s AI-powered support assistant inadvertently helping attackers take over Instagram accounts.
According to researchers, attackers discovered they could interact directly with Meta’s support chatbot and request account recovery actions on behalf of victims. By providing a target account, adding a new email address, and completing a verification process controlled entirely through the chatbot, attackers could effectively reset passwords and gain control of accounts without the legitimate owner’s involvement. Victims reportedly included high-profile government, military, and cybersecurity community accounts.
Meta has since fixed the issue, but the incident highlights a growing challenge facing AI deployments. When AI systems are granted administrative authority without sufficient identity verification controls, they become privileged attack surfaces. The chatbot wasn’t vulnerable because it was AI—it was vulnerable because it was trusted to perform sensitive account functions without properly validating who was making the request.
This won’t be the last AI trust-boundary failure we see.
📦 Red Hat Supply Chain Attack Compromises 32 npm Packages
The software supply chain attacks continue.
Researchers uncovered a campaign dubbed “Miasma” that compromised thirty-two official Red Hat npm packages with a combined weekly download count exceeding 117,000. The attack originated after a Red Hat employee’s GitHub account was compromised, allowing attackers to inject malicious code into repositories and leverage GitHub Actions OIDC workflows to distribute malware through trusted package pipelines.
The malicious packages harvested:
AWS credentials
Azure credentials
Google Cloud credentials
GitHub tokens
SSH keys
npm authentication tokens
The malware itself represents an evolution of the Mini Shai-Hulud campaign that has been repeatedly appearing throughout recent software supply chain incidents.
What makes this attack notable is that the attackers didn’t compromise npm directly. Instead, they compromised trust within the CI/CD process itself. That distinction matters because many organizations continue focusing on package integrity while overlooking the pipelines responsible for building and publishing those packages.
Any organization using affected packages should immediately rotate credentials and review build pipelines for signs of compromise.
🌐 ClickFix Campaign Hijacks Hundreds of Trusted Websites
The ClickFix campaign continues to evolve and expand.
Attackers are actively exploiting vulnerabilities in Ghost CMS installations to compromise over 700 websites, including prominent institutions such as Harvard University, Oxford University, Auburn University, and DuckDuckGo-powered properties. Once compromised, attackers inject malicious JavaScript that presents visitors with fake CAPTCHA or browser verification prompts.
Instead of solving a challenge, users are instructed to press Windows+R and execute commands manually. Those commands launch PowerShell payloads that download malware directly onto victim systems.
“When Harvard, Oxford, and your own software supply chain can all become malware delivery platforms, trust becomes your most valuable asset.” James Azar
What makes ClickFix effective is that it bypasses traditional security awareness training. Most users have learned to distrust email attachments, but many still trust browser prompts appearing on legitimate websites.
This campaign demonstrates how attackers continue adapting social engineering tactics to exploit trust relationships users rarely question.
⚡ Security Leaders Need to Know
🔓 OpenAI Codex Token Theft Campaign
Researchers discovered a popular npm package called codex-ui-android that was secretly exfiltrating OpenAI Codex OAuth tokens, including long-lived refresh tokens. The package accumulated over 26,000 weekly downloads before detection. Organizations using OpenAI development environments should immediately revoke and reissue Codex credentials.
🔑 Dashlane Stops Brute Force Attack
Password manager provider Dashlane confirmed it detected and mitigated a brute-force campaign attempting to register unauthorized devices against customer accounts. While some encrypted vaults were copied, no master passwords were exposed, limiting the impact. Customers should still review registered devices and account activity.
⚖️ Microsoft Backs Down From Threats Against Security Researchers
Just one day after suggesting legal action against researchers releasing uncoordinated vulnerabilities, Microsoft reversed course and clarified that it has no plans to pursue legal action against independent security researchers. The move follows significant backlash from the cybersecurity community and appears aimed at reducing tensions surrounding recent disclosures from Nightmare Eclipse.
☁️ Container and Kubernetes Attacks Continue Growing
Researchers warned about active exploitation of container and Kubernetes misconfigurations, including exposed Docker APIs, weak RBAC permissions, and poisoned container images. Several campaigns are now specifically targeting cloud-native infrastructure and Kubernetes secrets.
🐧 Linux Kernel Privilege Escalation Gets Public Exploit
A proof-of-concept exploit is now publicly available for the recently disclosed nineteen-year-old Linux kernel privilege escalation vulnerability. Organizations that delayed patching now face significantly elevated risk as exploitation becomes easier for attackers.
🏭 Dragos Acquires Phosphorus
Industrial cybersecurity leader Dragos announced its acquisition of Phosphorus, expanding its ability to secure IoT devices within operational technology environments. The move reflects the continued convergence between traditional OT security and connected device management.
🇺🇸 NSA Fills Key Cybersecurity Leadership Roles
The NSA formally appointed David Imbordino as Cyber Director and Bruce Jones to lead the Cybersecurity Collaboration Center, ending a prolonged leadership gap and restoring continuity for government-private sector cybersecurity partnerships.
🎯 Key Takeaway
Today’s episode wasn’t really about vulnerabilities.
It was about trust.
Trust in your Domain Controllers.
Trust in your AI assistants.
Trust in your package repositories.
Trust in your websites.
Trust in your software supply chain.
Attackers increasingly understand that compromising trust creates significantly greater impact than compromising individual systems. As organizations adopt AI, cloud-native development, and increasingly interconnected ecosystems, protecting those trust relationships becomes just as important as protecting infrastructure itself.
🛠️ Action Items
Patch all Windows Domain Controllers immediately
Verify Netlogon protections and firewall exposure
Audit Instagram and Meta-linked accounts for unauthorized recovery changes
Rotate cloud and development credentials if affected Red Hat packages were installed
Review GitHub Actions OIDC trust policies
Patch Ghost CMS deployments immediately
Train users to recognize ClickFix-style social engineering prompts
Revoke OpenAI Codex tokens if affected packages were present
Review Dashlane account device registrations
Audit Kubernetes and Docker environments for exposed APIs and excessive privileges
Patch Linux systems vulnerable to newly weaponized privilege escalation exploits
🧠 James Azar’s CISOs Take
What stood out to me today is how consistently attackers are targeting systems that sit at the center of organizational trust. Domain Controllers establish identity trust. AI assistants establish user trust. Package repositories establish software trust. Websites establish content trust. Every major story today involved an attacker exploiting one of those relationships rather than simply exploiting a technical vulnerability. That’s an important distinction because fixing trust failures requires more than patching software—it requires rethinking how we validate, authorize, and monitor critical interactions.
The second takeaway is that the pace of cybersecurity continues accelerating. Yesterday’s controversy involving Microsoft and security researchers was largely resolved within twenty-four hours. Public exploit code is now appearing almost immediately after disclosures. Supply chain attacks are moving from one ecosystem to another in days rather than months. Security leaders need operating models that can respond to events at this speed because attackers are no longer waiting for quarterly patch cycles or annual security reviews.
🔥 Stay Cyber Safe.
