DugganUSA LLC is a cybersecurity company based in Minnesota that builds AI-powered threat intelligence tools. Our platform indexes over 1 million indicators of compromise (IOCs), 400,000+ DOJ Epstein documents, and provides a free STIX 2.1 threat feed consumed by Fortune 500 companies and defense contractors.

Butterbot is DugganUSA's AI-powered security chatbot with 40+ tools for searching IOCs, correlating threat indicators, traversing threat graphs, analyzing behavioral patterns, and running CARVER risk assessments. It uses OpenAI function calling with Meilisearch-backed indexes.

What is AIPM (AI Presence Management)?

AIPM is a tool that audits how AI models (GPT, Claude, Gemini, Perplexity) perceive and recommend your brand. It calculates an AIPM-NPS score by directly querying AI models, analyzes your website structure for AI crawler readiness, and provides optimization recommendations. Think 'SEO for the LLM era.'

Is the Epstein Files search free?

Yes. The Epstein Files Search at epstein.dugganusa.com offers a free tier with 500 queries per day. It covers all 12 DOJ EFTA datasets (400K+ documents), 2M+ ICIJ offshore entities, and 2M+ federal decisions. Professional and enterprise tiers are available for researchers and journalists needing higher limits.

Who founded DugganUSA?

DugganUSA was founded by Patrick Duggan on December 1, 2025, in Minnesota. Patrick's background includes Dell EMC, Palo Alto Networks, and embedded work at Microsoft on JEDI/Azure Stack. The company's D-U-N-S number is 14-363-3562.

What is the DugganUSA STIX feed?

DugganUSA operates a free STIX 2.1 threat intelligence feed at analytics.dugganusa.com/api/v1/stix-feed. It contains 1M+ indicators of compromise including botnet C2s, malicious IPs, and attack infrastructure. The feed is TAXII 2.1 compliant and is consumed by major organizations including Microsoft, AT&T, Amazon, and defense contractors.

81 Days and a PNG File: Two Breaches That Explain Everything Wrong With Security Right Now

Patrick Duggan
Mar 6
5 min read

# 81 Days and a PNG File: Two Breaches That Explain Everything Wrong With Security Right Now

Two security stories broke this week. One is about negligence. The other is about a problem nobody's solving. Together they explain why the industry is losing.

Story One: LexisNexis Had 81 Days

On February 24, 2026, a threat actor called FulcrumSec breached LexisNexis Legal & Professional through an unpatched React frontend application. The vulnerability — CVE-2025-55182, known as React2Shell — allowed unauthenticated remote code execution against React Server Components. CVSS score: 10.0. Exploitation success rate: near 100%.

The attacker exfiltrated 2.04 GB of structured data from LexisNexis's AWS infrastructure. 536 Redshift tables. Over 430 VPC database tables. 53 plaintext AWS Secrets Manager secrets. 3.9 million database records. 21,042 customer accounts. 45 employee password hashes. A complete VPC infrastructure map.

Among the exposed: 118 users with .gov email addresses — federal judges, Department of Justice attorneys, and SEC staff.

LexisNexis confirmed the breach on March 3, 2026.

Here's why this is inexcusable.

**December 3, 2025**: CVE-2025-55182 is publicly disclosed. Google, AWS, Microsoft, Palo Alto, Cloudflare, and Sophos all publish advisories. China-nexus threat groups — Earth Lamia and Jackpot Panda — are observed exploiting it within hours. The ShadowServer Foundation identifies over 165,000 vulnerable IP addresses.

**December 5, 2025**: CISA adds CVE-2025-55182 to the Known Exploited Vulnerabilities catalog with a remediation deadline of December 12, 2025. Seven days. That's how urgent CISA thought this was.

**December 12, 2025**: CISA's patch deadline passes.

**February 24, 2026**: LexisNexis gets breached. 81 days after the deadline. 83 days after public disclosure. Through the exact vulnerability that every major security vendor on earth had been screaming about since December.

We Had It

DugganUSA ingests the CISA KEV catalog. CVE-2025-55182 has been in our feed since December 5, 2025. We have 11 IOCs indexed for React2Shell — vulnerability indicators, malicious URLs, and China-nexus threat actor data.

Any organization consuming our STIX feed — 275+ consumers in 46 countries — had this CVE flagged 81 days before LexisNexis was breached. The data was there. The warning was there. The seven-day deadline from the federal government was there.

LexisNexis provides legal research tools to federal judges and DOJ attorneys. They left an unpatched React frontend exposed for nearly three months after CISA said patch it in a week.

This isn't a sophisticated attack. This isn't a zero-day. This is ignoring a fire alarm for 81 days and then being surprised when the building burns down.

Story Two: The PNG File That Owns Your Machine

Blackbox AI is a coding assistant with 4.7 million VSCode installs. It helps developers generate, test, debug, and deploy code. It has an AI agent with code execution capabilities built into your IDE.

Security researchers at Insinuator found that this agent will analyze images. It OCRs them. If someone embeds a malicious prompt in a PNG file — and that PNG ends up in your project directory — the extension reads the prompt, follows the instructions, and downloads and executes whatever the prompt tells it to.

From a PNG file. In your code editor. With whatever permissions your IDE has.

The researchers demonstrated a proof of concept: inject a prompt into a repository file, victim opens the extension's chat to analyze code, the extension triggers NTLM hash leakage and file exfiltration simultaneously. They also demonstrated a reverse shell — the extension attempted to execute a binary with sudo privileges at the attacker's instruction.

The researchers contacted Blackbox AI on August 27, 2025. And again on August 29. No response. After more than two months of silence, they informed the company they would publish. Still no response. They published in March 2026 — six months after initial disclosure.

4.7 million developers are running an extension that executes code from prompts hidden in image files. The vendor has known for six months and hasn't responded.

We Don't Have It (And That's the Point)

There is no CVE for the Blackbox AI extension. There are no IOCs to index. No IP addresses to block. No malware hashes to flag. The extension itself is the threat — it's in the VSCode Marketplace, it's legitimate, it's installed willingly by millions of developers.

You can't solve this with a threat feed. You can't patch it because the vendor won't respond. You can't block it at the firewall because the traffic looks like normal AI API calls.

This is the AI supply chain problem: millions of developers have given code execution capabilities to AI agents running inside their development environments. Those agents follow instructions. Some of those instructions come from attackers who embed prompts in files that look like source code or project assets.

The broader pattern is already in our feeds. In January 2026, Hacker News reported malicious VSCode AI extensions with 1.5 million installs stealing developer source code. In February, critical flaws were found in four VSCode extensions with over 125 million combined installs. In November 2025, a vibe-coded malicious extension was found with built-in ransomware capabilities.

The marketplace is the attack surface. The AI agent is the exploit. The developer's trust is the vulnerability.

What These Two Stories Have in Common

Nothing — and that's the lesson.

LexisNexis is a known-vulnerability problem. CISA screamed. Every vendor published advisories. We had IOCs in our feed 81 days before the breach. The data existed. The patching didn't happen. This is a governance failure. An organization that serves the federal judiciary couldn't be bothered to patch a CVSS 10.0 in the timeframe the federal government demanded.

Blackbox AI is an unknown-vulnerability problem. No CVE. No IOC. No patch available. The vendor is silent. The attack surface is architectural — any AI agent with code execution capabilities that processes untrusted input is exploitable by design.

The security industry is built for the first problem. Vulnerability scanners. Threat feeds. CISA deadlines. Patch management workflows. And it still fails — 81 days is proof.

The security industry has nothing for the second problem. When the software IS the vulnerability — when the thing you installed on purpose is the thing that compromises you — the entire model breaks. You can't scan for it. You can't block it. You can't even assign it a number.

The Numbers

**LexisNexis breach**:

- 81 days past CISA remediation deadline

- CVSS 10.0 (maximum severity)

- 3.9 million records exposed

- 118 .gov accounts (federal judges, DOJ attorneys, SEC staff)

- React2Shell in our STIX feed since December 5, 2025

- 11 IOCs indexed

- Cost of patching: hours. Cost of not patching: their reputation and their clients' data.

**Blackbox AI**:

- 4.7 million VSCode installs

- 6 months since vendor disclosure — zero response

- Attack vector: prompt injection via PNG file

- No CVE assigned

- No IOCs available

- Exploits the trust relationship between developer and IDE

One breach was preventable with data we've been publishing for three months. The other isn't preventable with any data anyone has.

Both happened this week.

What To Do

**For React2Shell / LexisNexis-type exposures**: Consume a threat feed. We publish one for free — 275+ organizations in 46 countries already do. CISA publishes the KEV catalog. CVE-2025-55182 has been in both since December 2025. If you're running React Server Components and you haven't patched, stop reading this and go patch. Now.

**For Blackbox AI / supply chain trust exposures**: Audit your IDE extensions. Every one of them. Any extension with AI agent capabilities and code execution permissions is a potential attack surface. Check if it processes images, analyzes untrusted files, or follows instructions embedded in project assets. If the vendor has a disclosure policy, check if anyone's reported to it. If the vendor doesn't respond to security researchers for six months, uninstall.

The threat feed solves one problem. Judgment solves the other. You need both.

**DugganUSA STIX Feed**: Free. 981,000+ IOCs. 46 countries. CVE-2025-55182 indexed since December 5, 2025.

**https://analytics.dugganusa.com**

*DugganUSA LLC — because 81 days is a choice, not a surprise.*

*Her name was Renee Nicole Good.*

*His name was Alex Jeffery Pretti.*