Security Tips

CVE-2026-44338 in PraisonAI was disclosed publicly on May 14, 2026. Threat actors were observed attempting to exploit it within four hours. This is the new floor. PraisonAI is an open-source framework for building agentic AI applications. The vulnerability allowed remote code execution against PraisonAI instances. The disclosure-to-weaponization gap of four hours is approximately one hundred and sixty-eight times shorter than the gap commonly cited in security writeups from 2

The cybersecurity press names individual CVEs because individual CVEs make for clean headlines. The defender press should also be naming exploit chains, because exploit chains are what actually compromise production environments. May 2026 delivered a three-CVE chain that Security Boulevard called "a reliable, race-free, forensically quiet kill chain from the public internet to root." This post unpacks each CVE, how they chain, and why a chain-aware detection posture is the on

This week, the security vendor Trellix disclosed that attackers had gained unauthorized access to the code powering the company's security tools. Not customer data. Not employee records. The source code of the tools Trellix sells to defenders. Trellix descended from the 2022 merger of McAfee Enterprise and FireEye, two of the most storied security vendors in the industry. McAfee was breached in 2010. FireEye was breached in 2020 by the SolarWinds operator — the breach that ta

🔺 CONSPIRACY THEORY 🔺 The Newsletter They Don't Want You To Read Volume 49 | May 20, 2026 | $2.00 (cash only, exact change, no tracking, do NOT use Venmo) ――――――――――――――――――――― ATTENTION SUBSCRIBERS: If you registered for the STIX feed this week, you're already in the system. Yes, that one. Yes, the analytics ARE logged. The transparency goes one way. No nose biting, Jerry. ――――――――――――――――――――― THIS WEEK'S PATTERN: THE EMBEDDER IS THE PROGENY Stay with me. July eighth, 197

The activation problem in defender tooling is the curl wall. A SOC analyst registers for a STIX feed, gets a key, sees an example curl command, copies it, gets a 401 because they pasted the key wrong, never comes back. Three quarters of the keys we have ever issued never made a first call. We published the funnel data on that yesterday. The MCP path does not have the curl wall. If you run Claude Code, Cursor, Cline, ChatGPT desktop, or any other MCP client, you can wire two D

The DugganUSA STIX feed gives every registered defender a free-tier key with five hundred queries per day across the iocs, pulses, epstein_files, blog, and content indexes. The free tier is generous. The activation rate on the free tier is not. Three quarters of the keys we have ever issued have never made a first call. This post is the first call. Ten specific curl commands a defender can run against the public DugganUSA APIs to get useful output today. Each query has a sing

The DugganUSA blog ran a post on May 13 titled "ClickFix Is Konni Is PySoxy. Three Vendor Labels, One IP." The single-IP version of the thesis: vendor attribution fragmentation provides operational camouflage for the threat actor. Three analyst teams looking at the same infrastructure produce three different campaign labels at three different abstraction levels, and the defender ends up tracking a phantom three-campaign threat instead of the real one-operator threat. Today we

The disclosure landed this week. A contractor working for CISA — the agency responsible for cybersecurity guidance across the federal civilian network — kept a public GitHub repository named "Private-CISA" with 844 megabytes of credentials, internal blueprints, and signed certificates from November 13, 2025 through May 15, 2026. Six months in the open. GitGuardian's automated scanner caught it on May 14, 2026. Krebs and Seralys notified CISA the next day. The repository came

A common question right now is whether AI is making threat actors more sophisticated. The answer depends on what you mean by sophistication. The DugganUSA corpus has receipts at four distinct tiers of AI involvement in current cybercrime activity, and the four tiers behave like different problems. Treating them as one trend is the mistake. This post defines the tiers, names the receipts, and tells you where the defender stack is structurally blind. Tier 1 — AI as the lure Thi

This is a prediction post, not a receipts-after-the-fact post. The shape that prompts the prediction is unambiguous. The DugganUSA IOC corpus contains 31 Android-RAT-family indicators all-time. Fifteen of those 31 arrived in the last 72 hours. Forty-eight percent of a multi-month corpus appeared in three days. The source for every one of those 15 is our github-hunt-cron — the scheduled job that sweeps GitHub Search for known-bad infrastructure patterns at 08:15 UTC daily. The

CVE-2026-42945, dubbed NGINX Rift, is a heap buffer overflow in the ngx_http_rewrite_module that has been sitting in the codebase since NGINX 0.6.27. That is 2008. The vulnerability is rated CVSS 9.2 and affects every release from 0.6.27 through 1.30.0. Exploitation in the wild has been confirmed this week. The patch shipped May 13, 2026. If you have not deployed it yet, the rest of this post is what to look for in your logs while you finish the change-management ticket. What

DugganUSA ships two public MCP servers against the same threat intelligence corpus. Jeevesus is the read side — search the IOC index in natural language, enrich an IP, summarize what is hot in the STIX feed. Dredd is the judge side — before you install or invoke any other MCP server, ask Dredd whether that server is BLOCK, ADVISORY, or ALLOW. As of today, Dredd's verdict covers both the server's own identity and the server's directly declared dependency graph against our IOC

Earlier today we said your Lovable app was a spreadsheet wrapped in dark-mode CSS pointed at a Supabase free tier you had never logged into. That was the diagnostic post. This is the constructive one. We audited thirty of your spreadsheets and we are going to tell you, vector by vector, what your platform shipped with the brakes off, what is actually fine, and what you can do in the next twenty minutes to harden the thing without throwing the work away. The gap between a hack

The patch is the durable fix. Reboot the kernel, move on. This post is for the operators who cannot get a reboot window scheduled before CISA's federal deadline tomorrow, who need to know if anything is already moving against them, and who want a layered detection posture for the gap. Copy Fail (CVE-2026-31431) is a use-after-free in the Linux kernel's AF_ALG cryptographic socket subsystem, specifically the algif_aead module. The exploit path is small: the attacker opens an A

CISA added CVE-2026-31431 to the Known Exploited Vulnerabilities catalog on May 1. The federal civilian patch deadline is May 15. That is tomorrow. The vulnerability has a name that does almost all the work: Copy Fail. The technical mechanic is a use-after-free style bug in the Linux kernel's AF_ALG cryptographic socket subsystem, specifically the algif_aead module that gives userspace processes access to the kernel's crypto API. An in-place optimization shipped in 2017 misha

ReliaQuest published a campaign writeup yesterday calling it ClickFix. The technical content is sound: a social-engineering lure dropping obfuscated PowerShell that stages a Python interpreter, a compiled bytecode dropper called b64.pyc, and an old open-source SOCKS5 proxy called PySoxy that tunnels command-and-control traffic out to operator infrastructure. ReliaQuest published seven indicators: four IP addresses and three domains. One of those IP addresses — 185.205.211.217

Two pre-authentication remote code execution vulnerabilities in Fortinet products were patched today, May 13, 2026. Either one would be a P1 incident on its own. Together they are the entire core of a defensive posture going from useful to compromised in one TCP connection. The first is CVE-2026-44277, a pre-auth RCE in FortiAuthenticator, Fortinet's identity and access management appliance — the box that issues authentication tokens, federates with your SSO, and stamps "appr

On May 11, 2026, Google's Threat Intelligence Group disclosed that they had identified a previously unknown threat actor preparing a mass exploitation event using a zero-day vulnerability the team assessed with high confidence to have been developed by a large language model. Google quietly coordinated disclosure with the affected open-source project, the patch shipped, and the planned mass-hack-spree never happened. The vulnerability was a two-factor authentication bypass in

We've been tracking the Shai-Hulud family since December 4, 2025. V2 was the self-propagating npm worm. The April 29 Mini variant from TeamPCP hit SAP npm and pivoted to target Claude Code. May 11 brought another wave we indexed within hours. Today, May 13, brings V3 — and V3 is a different shape. This one didn't bypass the signing chain. It got the signing chain to sign for it. The reported scope, per StepSecurity, Endor Labs, Aikido, Socket, SafeDep, Microsoft Threat Intell

CISA dropped advisory AA26-097A this month, naming Iranian-affiliated APT activity targeting programmable logic controllers across United States critical infrastructure since at least March 2026. Water and wastewater systems. Energy. Government services. The advisory cites a small set of operator clusters by name and walks through the tradecraft — abuse of internet-exposed PLCs, credential reuse, lateral movement into industrial control plant networks. We have been doing the