Cyber KH Academy

The recent supply-chain attack was detected by multiple application security companies, including Socket, Ox Security, and Upwind, who confirmed the following three versions as malicious:

[email protected]
[email protected]
[email protected]

https://www.bleepingcomputer.com/news/security/popular-node-ipc-npm-package-compromised-to-steal-credentials/

no more just question, can we do code fast? but ...

The internet had another normal week...

💀 Poisoned installers
🔥 Firewall zero-days
🐧 Linux rootkits
☁️ Cloud hijacks
🎣 OAuth theft
🪤 ClickFix traps
🤖 AI bug hunting
⚠️ Fake updates everywhere

⚡ Weekly cyber recap just dropped: https://thehackernews.com/2026/05/weekly-recap-linux-rootkit-macos-crypto.html

Recap the week, supply chain and AI...

🤖AI in Cybersecurity
* Accenture & Anthropic Launch "Cyber AI": Accenture integrated Anthropic's Claude model into its security operations to automate responses, reducing vulnerability scan turnaround times from days to under an hour.
* **AI-Generated Vulnerabilities: Georgia Tech researchers reported a significant surge in CVEs stemming directly from flaws introduced by AI-generated code.
* Workforce Priorities: A 2026 Skills Gap Report identified AI and cybersecurity capabilities as the most critical competencies for employability and enterprise growth over the next five years.

⛓️‍💥Supply Chain & GitHub Actions
* Trivy Vulnerability Scanner Compromise: Aqua Security's widely used Trivy scanner suffered a severe multi-phase supply chain attack. Threat actors used "tag poisoning" in GitHub Actions (trivy-action) to force-push malicious commits, allowing them to harvest CI/CD pipeline secrets from runner memory and distribute infected binaries.
* Axios npm Package Hijack: The npm account for axios, a JavaScript library with over 100 million weekly downloads, was hijacked. Attackers bypassed normal GitHub Actions OIDC publishing workflows using a compromised long-lived token to distribute Remote Access Trojans (RATs).
* LiteLLM PyPI Attack: The threat group responsible for the Trivy incident expanded their operations by compromising the LiteLLM package in the Python Package Index (PyPI).

⏩ 2026 Cyber Trend TL;DR

1️⃣ AI vs. AI: Attackers use autonomous agents to automate breaches; defenders must use AI firewalls to stop them.
2️⃣ Supply Chain: The "build pipe" is the new perimeter. If you don't audit your third-party dependencies and AI models, you're already compromised.
3️⃣ Input Validation: The #1 killer. AI-generated code is fast but "lazy"—validate every input or face instant RCE/Injection.

📕 Bottom Line: Stop chasing "new" threats while ignoring the "old" basics. Sanitize data, verify identities, and monitor your AI and everything you want to secure 🔐...

Notepad++ has implemented additional security enhancements and cryptographic checks to strengthen its update process.

$$$ Cybersecurity budgets are booming… but are they actually working?

Many organizations spend millions on tools, services, and fancy tech—but often ignore the basics: knowing what you actually have. Broken inventories, unmonitored alerts, and misaligned priorities mean risks stay hidden while costs soar.

It’s like buying a ton of locks without knowing which doors exist. 🔒

Spend smart. Protect what matters. Otherwise, all that money just buys peace of mind on paper.

Top security risks to address in November 2025:
1. AI-driven attacks are increasingly common, making up about 1 in 6 data breaches this year. Threat actors use AI to craft sophisticated phishing emails and automate attacks at scale.
2. Ransomware-as-a-service groups continue to target critical infrastructure, finance, and healthcare sectors, increasing operational and data risks.
3. Critical unpatched Microsoft vulnerabilities pose serious dangers; timely patching is essential.Nation-state cyber intrusions and financially motivated attacks are rising, often exploiting supply chain weaknesses.
4. Governance and control over AI use within organizations is crucial to avoid "shadow AI" risks.
5. Stay vigilant with multi-factor authentication, timely patching, AI threat awareness, and coordinated defense as these evolving threats challenge security in 2025.

AI handles the quick configs and fixes, but the real decisions come from understanding architecture, dependencies and all the messy context.

ប្រើប្រាស់ extension ដោយប្រុងប្រយ័ត្ន

Security researchers warn that over 2.3 million users have just been compromised, but there are many more extensions lurking.

⚠️ℹ️
Just because you know something doesn’t mean you have to act on it.
And even if you know everything, it doesn’t give you the right to cross boundaries.

True wisdom lies in restraint, respect, and knowing when not to speak or act.
Expertise is powerful—but it should be handled with humility, not ego.

Let’s learn to stay in our lane, support others, and honor the space they’ve earned.