☕ Good Morning Security Gang,
Today’s headlines, one message stood above everything else:
The modern attack surface is no longer defined by what you own. It’s defined by everything you trust.
Today’s show was built around one central theme supply chain risk in every possible form. We examined a critical vulnerability affecting PTC Windchill, one of the world’s most widely deployed product lifecycle management platforms, where active exploitation has already resulted in web shells on manufacturing systems. We looked at the latest chapter in the Clue breach saga, which somehow became even more chaotic after the extortion group itself was reportedly compromised. Researchers disclosed a dangerous flaw in Amazon Q Developer that could silently execute malicious code and steal AWS credentials simply by opening a poisoned repository. We also learned that investigators have linked Russia to the devastating Jaguar Land Rover cyberattack that ultimately cost the British economy an estimated $2.5 billion.
These aren’t isolated incidents. They’re reminders that software vendors, SaaS integrations, AI assistants, development tools, suppliers, and third-party credentials have all become part of the enterprise security perimeter.
Coffee cup cheers, gang. Let’s get into it.
🧭 Executive Summary
Today’s cybersecurity landscape demonstrated how attackers continue exploiting trust relationships instead of attacking organizations directly.
Whether targeting manufacturing systems through product lifecycle management software, compromising cloud environments through AI-assisted developer tools, abusing forgotten OAuth credentials, or poisoning third-party web components, the objective remains the same: leverage someone else’s trusted connection to reach the real target.
The lesson for security leaders is increasingly clear.
Every vendor relationship, every software dependency, every developer plugin, and every cloud integration now deserves the same governance once reserved only for traditional infrastructure.
📰 Top Stories & Deep Dive Analysis
"One person operating with apparently minimal operational security managed to compromise a market intelligence platform used by some of the most prominent names in cybersecurity, LastPass, HackerOne, Recorded Future, Tanium and then promptly got their own data taken by someone else. The attacker didn't need to be sophisticated. They just needed the credential and an automated Python script querying the Salesforce REST API. That's it. Audit your OAuth tokens today, that's the lesson here."
🚨 CISA Adds Critical PTC Windchill Vulnerability to KEV as Active Exploitation Begins
The most urgent story today involves CVE-2026-39616, a critical remote code execution vulnerability affecting PTC Windchill and FlexPLM, both widely used product lifecycle management platforms across aerospace, defense, automotive, healthcare, manufacturing, and industrial engineering organizations. CISA added the vulnerability to its Known Exploited Vulnerabilities catalog after attackers were observed actively deploying JSP web shells against vulnerable systems.
This isn’t simply another internet-facing application vulnerability.
Windchill often serves as the central repository for an organization’s most valuable intellectual property. Engineering drawings, CAD files, product roadmaps, bills of material, supplier documentation, manufacturing workflows, regulatory submissions, and sensitive design information frequently reside within these environments.
Researchers determined the vulnerability stems from unsafe deserialization, allowing completely unauthenticated attackers to execute arbitrary code remotely without requiring credentials or user interaction.
Historically, product lifecycle management platforms have not been frequent attack targets, which has led many organizations to prioritize VPNs, identity systems, and firewalls while overlooking engineering platforms.
That assumption no longer holds.
Organizations should immediately patch affected Windchill and FlexPLM deployments, hunt for JSP web shells, review indicators of compromise published by PTC, and treat any confirmed compromise as a full incident response event rather than simply applying the available update.
🔗 The Klue Supply Chain Breach Somehow Gets Even Worse
The Klue supply chain breach continues evolving into one of the year’s most remarkable cybersecurity stories. Security researchers now estimate approximately two dozen organizations have confirmed exposure, including several additional cybersecurity vendors beyond those previously disclosed.
But today’s developments introduced an unexpected twist.
According to customer notifications reviewed by multiple media outlets, the extortion group Icarus reportedly suffered its own compromise. The stolen data collected from Klue customers has allegedly been copied by a second threat actor that is now conducting an independent extortion campaign using the exact same information.
If confirmed, this fundamentally changes how organizations should think about ransomware negotiations.
Even if one attacker agrees to delete stolen data after payment, nothing prevents another criminal group from already possessing its own copy.
“Assume stolen data doesn’t stay with one attacker. Assume it propagates.” James Azar
Investigators continue tracing the original compromise back to a credential issued during a pilot project nearly four years ago that was never revoked. From that single forgotten credential, attackers harvested OAuth tokens, accessed Salesforce environments, extracted CRM information, customer contacts, pricing intelligence, and sales communications affecting organizations throughout the cybersecurity industry.
The breach has become a textbook example of how third-party trust relationships can create systemic risk long after everyone assumes a project has ended.
☁️ Amazon Q Developer Vulnerability Allowed Silent AWS Credential Theft
Researchers disclosed a serious vulnerability affecting Amazon Q Developer, Amazon’s AI-powered coding assistant integrated into Visual Studio Code, JetBrains IDEs, Eclipse, and Visual Studio.
“The attack surface isn’t the thing you built, it’s everything you’re connected to.” James Azar
The vulnerability allowed attackers to place a specially crafted configuration file inside an otherwise ordinary software repository. The moment a developer opened that repository, Amazon Q automatically executed the malicious configuration without requesting user approval.
Because those spawned processes inherited the developer’s environment, attackers could silently capture AWS access keys, session tokens, cloud authentication credentials, API keys, SSH agent sockets, and other sensitive secrets.
Perhaps the most concerning aspect is that developers did not need to click anything. Simply opening the repository was sufficient.
Researchers demonstrated multiple realistic attack scenarios, including malicious GitHub repositories, typosquatted npm packages, fake coding assessments used during job interviews, and compromised open-source projects.
The vulnerability reflects a broader industry challenge.
Several competing AI coding assistants were found vulnerable to nearly identical automatic execution behavior, suggesting that the race to improve developer productivity has often outpaced secure design.
Organizations should ensure Amazon Q is updated immediately, rotate any potentially exposed AWS credentials, review cloud activity logs, and begin treating AI coding assistants with the same scrutiny applied to privileged administrative software.
🚗 Russia Linked to the $2.5 Billion Jaguar Land Rover Cyberattack
One of the biggest cyber investigations of the past year reached an important milestone as investigators reportedly attributed the devastating Jaguar Land Rover cyberattack to a Russian threat group.
The attack began in August 2025 and forced Jaguar Land Rover to halt manufacturing operations for nearly six weeks. The disruption ultimately required a £1.5 billion government bailout while generating an estimated $2.5 billion economic impact across the United Kingdom.
According to investigators from the FBI, Britain’s National Crime Agency, Google’s Mandiant, Palo Alto Networks, and other partners, the ransomware employed an unusually sophisticated encryption mechanism unlike previous campaigns. No public ransom demand was ever issued, leaving investigators uncertain whether the operation was financially motivated, state-directed, or somewhere in the increasingly blurred space between criminal groups and government-backed activity.
Regardless of attribution, the incident illustrates how cyberattacks targeting manufacturing can rapidly evolve into national economic events with consequences extending well beyond the directly affected organization.
⚡ Need to Know
🌐 Polymarket Suffers Third-Party JavaScript Supply Chain Attack
Prediction platform Polymarket confirmed that attackers compromised a third-party web dependency and injected malicious JavaScript into its frontend. While fewer than fifteen users were affected, approximately $3 million in cryptocurrency was stolen. The blockchain itself remained secure—the compromise occurred entirely through a trusted third-party web component.
📧 14.2 Million ISP Accounts Exposed in Japan
Japanese telecommunications provider KDDI disclosed that attackers exploited a vulnerability within third-party software supporting six internet service providers, exposing up to 14.22 million customer email addresses and passwords. Customers should immediately change passwords and enable multi-factor authentication where available.
📱 FBI Warns About Signal Backup Recovery Keys
The FBI updated previous guidance regarding Russian intelligence operations targeting Signal users. Attackers now specifically request Signal backup recovery keys after compromising accounts, allowing them to restore encrypted message history. Organizations relying on Signal for sensitive communications should educate users that legitimate support personnel never request backup recovery keys.
💰 SIM Swapping Crew Arrested in Poland
Polish authorities arrested four suspects accused of conducting SIM swapping attacks against telecommunications providers to facilitate cryptocurrency theft. The arrests reinforce that SIM swapping remains one of the most effective methods for bypassing SMS-based authentication.
🇮🇷 Iranian Hacker Arrested in Montenegro
Authorities in Montenegro arrested an Iranian national wanted by the United States for allegedly conducting years of cyberattacks targeting more than 150 American universities, causing an estimated $3.4 billion in damages through computer intrusion and intellectual property theft.
🏛️ CISA Leadership Changes Continue
Department of Homeland Security leadership indicated that a permanent CISA Director nomination is expected soon while discussions continue regarding future staffing and workforce expansion across the agency.
🎯 Key Takeaway
Today’s episode wasn’t about zero-days.
It wasn’t about ransomware.
And it wasn’t really about AI.
It was about trust.
The trusted engineering platform.
The trusted SaaS vendor.
The trusted AI assistant.
The trusted JavaScript dependency.
The trusted OAuth credential.
Every major story today demonstrated that attackers increasingly succeed not by breaking security but by inheriting trust that organizations have already granted someone else.
🧠 James Azar’s CISOs Take
What stood out to me today is how every one of these incidents reinforced the same architectural weakness. Organizations continue extending trust through integrations, developer tools, vendors, and cloud services without applying the same governance they apply to internal systems. The PTC Windchill vulnerability puts engineering intellectual property at risk. The Clue breach demonstrates how one forgotten pilot credential can ripple across dozens of cybersecurity companies. Amazon Q shows that developer productivity tools now deserve the same security review as privileged infrastructure because they operate with access to cloud credentials, source code, and enterprise environments.
The second takeaway is that supply chain security has evolved beyond software bills of materials. We now need visibility into OAuth tokens, AI plugins, third-party JavaScript, development environments, browser extensions, cloud identities, and vendor-issued credentials. Trust has become one of the largest attack surfaces in modern cybersecurity. Organizations that continuously validate those trust relationships will be far better positioned than those relying on assumptions made years ago.
🛠️ Action Items
Patch all PTC Windchill and FlexPLM systems immediately
Hunt for JSP web shells and review published indicators of compromise
Audit all OAuth integrations connected to Salesforce and Clue
Rotate dormant API keys and third-party credentials
Update Amazon Q Developer to the latest secure version
Rotate AWS credentials for developers who used vulnerable releases
Monitor cloud activity for unusual API behavior
Review third-party JavaScript dependencies supporting customer-facing applications
Reset passwords for affected KDDI-hosted email services where applicable
Educate executives about Signal recovery key phishing campaigns
Reassess vendor offboarding and credential lifecycle processes
🔥 Stay Cyber Safe.
