大裁员后的翻车来了。这几天，Meta 旗下的 Instagram，被曝 AI 助手出现史诗级漏洞，导致多个 Ins 博主账号被盗。 平台给 AI 助手，默认开了一个超级权限，可以在无任何验证的情况下，直接帮人修改 Ins 的绑定邮箱。 流程则是 1. 用 VPN 假装自己在目标账号的国家 2. 跑到 Meta AI 聊天里，说我是这个账号的主人，想换个新邮箱 3. AI 傻乎乎地相信了，发验证码给黑客的新邮箱 4. 黑客把验证码告诉 AI，AI 就直接把账号邮箱，换成黑客的了，然后黑客就能重置密码、抢走账号 目前，Meta 已紧急修补了这个巨大漏洞。

🚨 BREAKING: Active supply chain attack across npm, PyPI, and Crates.​io. Socket detected TrapDoor, a crypto stealer campaign hitting 34 malicious packages and 384 versions and artifacts, with attackers repeatedly pushing new releases across ecosystems. TrapDoor targets #crypto#, #DeFi#, AI, and security developers, stealing wallets, SSH keys, cloud credentials, GitHub tokens, browser data, env vars, and API keys. Socket detected releases with a median detection time of 5 minutes, 27 seconds. The fastest detection occurred 58 seconds after publication.

We’re continuing to work with Microsoft and GitHub to investigate the impact of the malicious Nx Console version 18.95.0. I'll share any updates on X (@jeffbcross and @NxDevTools) as well as in our security advisory: Initially, Microsoft indicated to us that there were 28 installs of the malicious version 18.95.0. Based on our own analytics for the compromised version, we currently believe the number of users who received the malicious package may be significantly higher; potentially over 6k installs. We’ll keep working to determine the actual impact and exposure, and I don’t want to speculate beyond the facts we have right now. But I also don’t want to minimize the situation. This is my top priority right now. Our team has been, and continues to be focused on understanding exactly what happened, helping affected users, hardening our systems and release processes, and being as transparent as possible throughout the investigation.

We’re sharing our completed post-mortem on the April 18th incident, prepared with @Mandiant and @CrowdStrike. We are publishing both an executive summary and the full report at the link below. Over the past four weeks, we’ve worked with hundreds of partners to help them understand their current security posture, and harden it where appropriate. We’ll continue this work, alongside taking additional proactive steps for the benefit of not only our partners, but also the ecosystem as a whole. We want to extend our thanks to our partners for their support and patience this past month. There’s a reason that over $12 billion has moved across the network in the past four weeks, and why the world’s most valuable asset issuers have stood by our side: they believe in us, in what the LayerZero protocol has to offer, and in the value of modular, isolated, application-controlled security. The work continues. And we look forward to continue showing up for the applications that trust us with their business, as well as the broader ecosystem.

Introducing nginx-poolslip, a fresh RCE for the the latest nginx release 1.31.0. nginx-rift has been patched, but our security agent Vega has found a new 0 day. We will release the full technical writeup with ASLR bypass 30 days after the patch on

We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity.

1/ We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories. Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately.

UPDATE: So far we've identified 639 compromised npm package versions across 323 unique packages in tonight’s Mini Shai-Hulud wave. That includes 558 versions across 279 unique @​antv packages. Most were detected within ~6 minutes of publication.

每周被下载 110 万次的开源基础包，被系统标记为已知恶意软件。 它的供应链安全评分直接归零。 这是一个名叫“迷你沙虫”（Mini Shai-Hulud）的代码蠕虫。 它近期在开源代码库里完成了大面积感染。 受害者名单里全是高频组件。 阿里巴巴的数据可视化套件 antv，数百个包被植入恶意代码。 前端常用的 echarts-for-react、timeago.js 等工具也无一幸免。 单是 echarts-for-react 这一项，每周的装机量就高达 110 万次。 起因是一个普通开发者账号失守。 用户名 atool 的账号被盗取了权限。 黑客接管后，往这些底层组件里塞进了混淆的恶意代码。 带毒的 3.2.7 版本发布仅仅 19 分钟，漏洞扫描就全红了。 现代软件工业的底层其实非常脆弱。 无数估值百亿的科技公司，底层都依赖着这些靠个人维护的开源轮子。 只要一个邮箱的密码被攻破，几百万个下游项目的安全大门就会被同时撬开。

MistEye 🚨 NPM 蠕虫 Shai-Hulud 开源，供应链风险升高。 Shai-Hulud 是近期备受关注的 'Git 恶意蠕虫'，现已被开源。 这意味着 TeamPCP 或其他方发布了完整可执行版本，潜在威胁显著增加。 各项目方和平台需提高警惕，立即加强防护，防范 NPM 供应链攻击。

Today's two supply chain incidents are likely connected: 1. `actions-cool/issues-helper` was compromised 2. AntV was compromised shortly after I noticed AntV was using `actions-cool/issues-helper@main` in GitHub Actions. Rspack was not affected because we pin Actions to commit ids via renovate's `pinGitHubActionDigests`. Strongly recommend enabling it.

⚠️ On May 16, 2026, we confirmed a targeted attack by a cybercrime group that gained unauthorized access to our GitHub repositories and downloaded our codebase. Here is the latest update about our investigations.

We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity.

🚨 Community alert: Blockaid's exploit detection system has identified an on-going exploit on the @veruscoin Verus-Ethereum Bridge ( ~$11.58M drained so far. More details in🧵