introducing… OX HOT SAUCE 🥵🔥 today marks a bold new chapter for OX Security 🌶️ OX HOT SAUCE is here — in 3 scorching flavors: X — Medium Risk XX — Elevated Threat XXX — Critical Severity because at OX… Security Starts at the Sauce 🔥
OX Security
Computer and Network Security
New York, NY 37,265 followers
From AI Coding to Runtime — Security Starts at the Source.
About us
OX Security removes risk at the source - eliminating exposures from AI code generation through cloud runtime - preventing security debt before it ever reaches production. Unlike conventional tools that cannot keep pace with modern, AI-driven development, or cloud-specific solutions that are infrastructure-only, the OX Platform pinpoints vulnerabilities at creation and remediates runtime exposures at the source.
- Website: https://www.ox.security
- Industry: Computer and Network Security
- Company size: 51-200 employees
- Headquarters: New York, NY
- Type: Privately Held
- Founded: 2021
Locations
- 488 Madison Ave, Suite 1103, New York, NY 10022, US (Primary)
- 141 Greenwood Sq, Boston, Massachusetts 02136, US
- 7 Menachem Begin, Ramat Gan, Tel-Aviv District 52, IL
Updates
-
OX Security reposted this
Best move at RSAC this year? Stepping back and just watching it all just click. The marketing team created an amazing concept and brought it to life, The OX Box. The sales team had great conversations with key people and ran demos at the booth all day, literally nonstop. The product team got on the RSAC stage not once, not twice, but three times to share our own findings and research. Seeing it all come together confirmed what I’d been feeling: we’re doing something right. Very right. Huge shoutout to the team who made it happen and owned the floor. Couldn’t be prouder. Oh, and I met Arnold Schwarzenegger… more on that tomorrow. Idan Gol Lior Arzi Aviv Dagan Matt Hines Chris Lindsey Michael Horty Enosh Alter Eyal Paz Team8 Evolution Equity Partners Nir Za Jillian Jones Baraq H. Mike Donavanik Avital Appelbaum
-
we're 💥AMP'd💥 to be partners, Torq!!! thanks for dropping by our OX BOX, Trevor From Torq and Bob Boyle 🤘
Trevor From Torq and Bob Boyle were 💥AMP'd💥 to drop in on our partners OX Security, Check Point Software, Reco, and Cyera at RSAC last week. More about AMP: https://torq.io/alliances/
-
💥 BREAKING NEWS <> AXIOS COMPROMISED 💥
🎤 Moshe Siman Tov Bustan breaks it down for us.
What happened?
Attackers injected a malicious dependency into Axios → massive supply chain attack (~100M downloads/week).
How this happens?
• hidden dependency executes on install
• downloads OS-specific malware
• installs a remote access trojan (RAT)
Impact?
• full system compromise
• credential theft (API keys, tokens, SSH, etc.)
• remote command execution
• data exfiltration
• persistence + lateral movement across systems
What can you do?
• Rotate all keys + tokens immediately
• Revoke and reissue credentials
• Pin dependencies to known-safe versions
• Audit for suspicious activity
-
🚨 Too Good To BI True 🚨 Free Business Intelligence tools = direct path to your crown jewels 💎 OX Security analyzed 5 of the most popular open-source BI platforms… 📊 45,000+ exposed instances ⚠️ 7 vulnerabilities (4 zero-days) 💥 5/5 platforms failed 1 thing in common: every exploitation chain led to full system compromise ‼️
-
Breaking news!! 🚨🚨🚨 Axios was compromised in a supply chain attack with a cross-platform remote access trojan (RAT). Versions 0.30.4 and 1.14.1 pulled in a malicious dependency, plain-crypto-js@4.2.1. Production systems might be affected, as well as developer workstations. If you recently installed the affected versions, uninstall immediately and rotate your keys and credentials. We’re actively analyzing the payload and IOCs now. More details here: https://lnkd.in/dpfE-sgp
-
😢 TeamPCP was sad no one analyzed their malware 🤝 Moshe Siman Tov Bustan and Nir Za accepted their challenge 💪 🔗 link to the full technical analysis in the comments!
-
📢 OFFICIAL STATEMENT 📢 as experts in supply chain security, we've contacted Nestlé to discuss securing their future shipments of Kit Kat Bars and their entire family of sweet treats 😌
-
Mike Donavanik, with the HARD HITTING journalism at RSAC 🎤 our social media manager’s first RSAC — he did all the things... and maybe took some naps 🫠
-
🚨🚨 BREAKING NEWS 🚨🚨 Moshe Siman Tov Bustan — our Security Research Team Leader — gives a breakdown of an active threat: malicious versions of the official Telnyx Python SDK, specifically 4.87.1 and 4.87.2, were uploaded to PyPI. These versions contain a highly sophisticated credential-stealing payload. full technical analysis in the comments ⬇️