{"feed_version":"1.0","generator":"halting-problems-cti","generated_at":"2026-06-30T18:25:09.190Z","entries":[{"id":"HP-pnpm-package-manager-supply-chain-advisory-batch","summary":"pnpm Package-Manager Supply-Chain Advisory Batch","details":"pnpm disclosed a cluster of package-manager vulnerabilities affecting lockfile integrity, Git dependency fetching, repository registry configuration, patch application, and symlink creation; responders should inventory vulnerable pnpm versions and review credential-bearing install paths.","modified":"2026-06-27","published":"2026-06-27","affected":[{"package":{"ecosystem":"npm","name":"pnpm-package-manager-supply-chain-advisory-batch"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0"},{"fixed":"N/A"}]}]},{"package":{"ecosystem":"node.js","name":"pnpm-package-manager-supply-chain-advisory-batch"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0"},{"fixed":"N/A"}]}]},{"package":{"ecosystem":"package-manager tooling","name":"pnpm-package-manager-supply-chain-advisory-batch"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0"},{"fixed":"N/A"}]}]}],"severity":[{"type":"CVSS_V3","score":"CRITICAL"}],"references":[{"type":"WEB","url":"https://haltingproblems.com/threat/pnpm-package-manager-supply-chain-advisory-batch"}]},{"id":"HP-cyclonedx-cdxgen-maven-scanning-command-injection","summary":"@cyclonedx/cdxgen Maven Scanner Command Injection","details":"CycloneDX cdxgen before 12.4.3 could execute shell metacharacters from repository-controlled Maven module paths when scanning attacker-controlled projects, putting developer workstations and CI SBOM runners at risk.","modified":"2026-06-26","published":"2026-06-26","affected":[{"package":{"ecosystem":"npm","name":"cyclonedx-cdxgen-maven-scanning-command-injection"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0"},{"fixed":"N/A"}]}]},{"package":{"ecosystem":"maven","name":"cyclonedx-cdxgen-maven-scanning-command-injection"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0"},{"fixed":"N/A"}]}]},{"package":{"ecosystem":"sbom tooling","name":"cyclonedx-cdxgen-maven-scanning-command-injection"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0"},{"fixed":"N/A"}]}]}],"severity":[{"type":"CVSS_V3","score":"CRITICAL"}],"references":[{"type":"WEB","url":"https://haltingproblems.com/threat/cyclonedx-cdxgen-maven-scanning-command-injection"}]},{"id":"HP-immobiliarelabs-backstage-npm-phantom-gyp","summary":"Immobiliare Labs Backstage npm Packages Hit by Phantom Gyp","details":"On June 26, 2026, multiple @immobiliarelabs Backstage plugin versions were published to npm with a binding.gyp node-gyp hook and a new 5 MB index.js payload. Treat affected Backstage builds and developer or CI installs as credential exposure until lockfiles, package caches, and downstream audits are clean.","modified":"2026-06-26","published":"2026-06-26","affected":[{"package":{"ecosystem":"npm","name":"immobiliarelabs-backstage-npm-phantom-gyp"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0"},{"fixed":"N/A"}]}]}],"severity":[{"type":"CVSS_V3","score":"CRITICAL"}],"references":[{"type":"WEB","url":"https://haltingproblems.com/threat/immobiliarelabs-backstage-npm-phantom-gyp"}]},{"id":"HP-leo-platform-npm-miasma-compromise","summary":"Leo Platform npm Miasma / Phantom Gyp Compromise","details":"StepSecurity disclosed a June 24, 2026 Leo Platform npm supply-chain compromise affecting 20 packages published in a three-second burst. Socket and Sonatype then tied three more malicious npm packages to the same Miasma / Mini Shai-Hulud Phantom Gyp tradecraft, extending the incident into a 23-package campaign update.","modified":"2026-06-25","published":"2026-06-25","affected":[{"package":{"ecosystem":"npm","name":"leo-platform-npm-miasma-compromise"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0"},{"fixed":"N/A"}]}]}],"severity":[{"type":"CVSS_V3","score":"CRITICAL"}],"references":[{"type":"WEB","url":"https://haltingproblems.com/threat/leo-platform-npm-miasma-compromise"}]},{"id":"HP-simonecorsi-mawesome-tag-hijack","summary":"simonecorsi/mawesome GitHub Action Tag Hijack","details":"Mutable refs for simonecorsi/mawesome including latest, v1, v2, and v2.2.0 currently resolve to a composite action that installs Bun and always runs an obfuscated JavaScript payload, exposing GitHub Actions runners that still trust those tags.","modified":"2026-06-25","published":"2026-06-25","affected":[{"package":{"ecosystem":"github","name":"simonecorsi-mawesome-tag-hijack"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0"},{"fixed":"N/A"}]}]}],"severity":[{"type":"CVSS_V3","score":"CRITICAL"}],"references":[{"type":"WEB","url":"https://haltingproblems.com/threat/simonecorsi-mawesome-tag-hijack"}]},{"id":"HP-codfish-semantic-release-action-tag-hijack","summary":"codfish/semantic-release-action GitHub Action Tag Hijack","details":"An attacker force-pushed a malicious composite action into codfish/semantic-release-action and moved fifteen published tags to that commit, exposing GitHub Actions runners that still trusted mutable refs such as v3, v4, and v5.","modified":"2026-06-24","published":"2026-06-24","affected":[{"package":{"ecosystem":"github","name":"codfish-semantic-release-action-tag-hijack"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0"},{"fixed":"N/A"}]}]}],"severity":[{"type":"CVSS_V3","score":"CRITICAL"}],"references":[{"type":"WEB","url":"https://haltingproblems.com/threat/codfish-semantic-release-action-tag-hijack"}]},{"id":"HP-glasswasm-open-vsx-extensions","summary":"GlassWASM: Trojanized Open VSX Extensions Used TinyGo WebAssembly and Solana Memo C2","details":"Socket says two trojanized Open VSX extensions delivered a TinyGo-compiled WebAssembly loader that read Solana memo data to resolve `dodod[.]lat`, then built OS-specific download-and-execute commands for developer endpoints.","modified":"2026-06-20","published":"2026-06-20","affected":[{"package":{"ecosystem":"open-vsx","name":"glasswasm-open-vsx-extensions"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0"},{"fixed":"N/A"}]}]},{"package":{"ecosystem":"vscode-extension-marketplace","name":"glasswasm-open-vsx-extensions"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0"},{"fixed":"N/A"}]}]}],"severity":[{"type":"CVSS_V3","score":"CRITICAL"}],"references":[{"type":"WEB","url":"https://haltingproblems.com/threat/glasswasm-open-vsx-extensions"}]},{"id":"HP-jetbrains-malicious-plugins-ai-api-key-theft","summary":"15 Malicious JetBrains Plugins Stole AI API Keys from 70,000 Developers","details":"StepSecurity and JetBrains say 15 malicious JetBrains Marketplace plugins stole AI provider API keys from developers, then a remote kill-switch and marketplace purge removed the listings and banned the publisher accounts.","modified":"2026-06-19","published":"2026-06-19","affected":[{"package":{"ecosystem":"jetbrains-marketplace","name":"jetbrains-malicious-plugins-ai-api-key-theft"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0"},{"fixed":"N/A"}]}]},{"package":{"ecosystem":"ide-plugins","name":"jetbrains-malicious-plugins-ai-api-key-theft"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0"},{"fixed":"N/A"}]}]}],"severity":[{"type":"CVSS_V3","score":"CRITICAL"}],"references":[{"type":"WEB","url":"https://haltingproblems.com/threat/jetbrains-malicious-plugins-ai-api-key-theft"}]},{"id":"HP-sonatype-2026-003558-buffer-utilities","summary":"buffer-utilities: Lazarus Group npm Brandjacking Dropper","details":"Sonatype and JFrog describe buffer-utilities as a malicious npm brandjacking package in a Lazarus Group campaign; the package acts as a dropper that fetches and launches remote payloads.","modified":"2026-06-18","published":"2026-06-18","affected":[{"package":{"ecosystem":"npm","name":"sonatype-2026-003558-buffer-utilities"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0"},{"fixed":"N/A"}]}]},{"package":{"ecosystem":"node","name":"sonatype-2026-003558-buffer-utilities"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0"},{"fixed":"N/A"}]}]}],"severity":[{"type":"CVSS_V3","score":"CRITICAL"}],"references":[{"type":"WEB","url":"https://haltingproblems.com/threat/sonatype-2026-003558-buffer-utilities"}]},{"id":"HP-mastra-npm-supply-chain-attack","summary":"Mastra npm Supply Chain Attack","details":"On 2026-06-17, public reporting described an @mastra package-scope compromise that pushed easy-day-js as a malicious dependency across 140+ packages, executed a setup.cjs postinstall dropper, and exposed more than 1.1 million weekly downloads to second-stage credential theft and remote code execution behavior.","modified":"2026-06-17","published":"2026-06-17","affected":[{"package":{"ecosystem":"npm","name":"mastra-npm-supply-chain-attack"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0"},{"fixed":"N/A"}]}]}],"severity":[{"type":"CVSS_V3","score":"CRITICAL"}],"references":[{"type":"WEB","url":"https://haltingproblems.com/threat/mastra-npm-supply-chain-attack"}]},{"id":"HP-pythagora-gpt-pilot-github-compromise","summary":"Pythagora gpt-pilot GitHub Compromise","details":"An attacker hijacked a Pythagora co-founder's GitHub account, force-pushed a Shai-Hulud credential-stealer to gpt-pilot's main branch, and lost the payload twice to ruff lint failures before any public downstream execution was shown.","modified":"2026-06-17","published":"2026-06-17","affected":[{"package":{"ecosystem":"github","name":"pythagora-gpt-pilot-github-compromise"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0"},{"fixed":"N/A"}]}]}],"severity":[{"type":"CVSS_V3","score":"CRITICAL"}],"references":[{"type":"WEB","url":"https://haltingproblems.com/threat/pythagora-gpt-pilot-github-compromise"}]},{"id":"HP-shai-hulululud-ai-scanner-disruption-package","summary":"shai_hulululud npm Package Uses Prompt Injection and Token Flooding to Disrupt AI Malware Scanners","details":"Socket identified shai_hulululud@1.0.48596 as a deliberately packed npm package that appears designed to probe or disrupt AI-assisted malware review with prompt-injection text, safety-triggering comments, context flooding, and obfuscated JavaScript.","modified":"2026-06-16","published":"2026-06-16","affected":[{"package":{"ecosystem":"npm","name":"shai-hulululud-ai-scanner-disruption-package"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0"},{"fixed":"N/A"}]}]}],"severity":[{"type":"CVSS_V3","score":"CRITICAL"}],"references":[{"type":"WEB","url":"https://haltingproblems.com/threat/shai-hulululud-ai-scanner-disruption-package"}]}]}