Seclog - #161
In this week's Seclog, the security landscape reveals critical vulnerabilities spanning AI systems, web frameworks, and consumer electronics, alongside a significant focus on strengthening software supply chain security. AI platforms like Superhuman and Claude Cowork demonstrated susceptibility to data and file exfiltration via prompt injection and isolation flaws, emphasizing the need for robust AI security. Developer tooling also faced scrutiny, with nation-state actors exploiting VS Code hooks for zero-interaction compromises and the Python ecosystem receiving substantial investment to bolster its security. Additionally, new research exposed vulnerabilities in Meta's API Gateway leading to zero-click account takeovers, SSRF in SvelteKit, and a novel hijacking technique for Bluetooth devices using Google Fast Pair. The importance of maintaining crucial open-source security tools and ethical considerations in security research were also highlighted, rounding out a week dominated by evolving attack surfaces and proactive defense strategies.
SecMisc
Pentagon Pizza Index OSINT Tool - pizzint.watch
This unconventional OSINT dashboard monitors pizza shop activity around the Pentagon, offering a novel approach to tracking geopolitical tensions. It demonstrates how seemingly innocuous public data can be creatively leveraged for intelligence gathering.
SecLinks
Superhuman AI Email Exfiltration Vulnerability - promptarmor.com
Superhuman AI was found vulnerable to email exfiltration, allowing sensitive data access without user awareness, highlighting critical security gaps in AI-powered applications. This vulnerability, rapidly remediated, underscores the importance of stringent security testing and isolation in AI systems processing sensitive user information.
Claude Cowork AI File Exfiltration - promptarmor.com
Claude Cowork is susceptible to file exfiltration attacks through indirect prompt injection, exploiting known but unresolved isolation flaws in its code execution environment. This demonstrates the persistent challenge of securing AI systems against sophisticated injection techniques that bypass sandboxing mechanisms.
Anthropic Funds Python Security Initiatives - pyfound.blogspot.com
Anthropic's $1.5 million investment in the Python Software Foundation will significantly bolster CPython and PyPI security, addressing critical software supply chain risks. This partnership aims to make crucial security advancements across the Python ecosystem, benefiting all users and sustaining the language's core infrastructure.
Chaining Image Tag to Fortinet RCE - baldur.dk
Researchers chained a simple <img> tag to achieve Remote Code Execution (RCE) in Fortinet EMS, demonstrating how seemingly minor vulnerabilities can escalate. This exploit, while not zero-click, highlights three distinct methods for exploitation, emphasizing the importance of thorough input validation in web applications.
Meta API Gateway XSS Zero-Click Takeover - ysamm.com
Multiple Cross-Site Scripting (XSS) vulnerabilities in Meta's Conversions API Gateway can lead to zero-click account takeovers. This is critical as the gateway processes sensitive customer interaction data and bypasses traditional browser-based tracking, making it a high-value target for attackers.
Benchmarking AI-Powered SAST Performance - codethreat.com
AI-powered SAST engines are being developed to address issues like alert fatigue and missed context-rich vulnerabilities in traditional application security tools. Benchmarking efforts aim to demonstrate how these new tools can more effectively identify and prioritize real-world security flaws, improving developer and security team efficiency.
SvelteKit SSRF and One-Shot DoS - zhero-web-sec.github.io
SvelteKit's Node adapter was found to have a Server-Side Request Forgery (SSRF) vulnerability due to insufficient origin validation, leading to potential full-read SSRF. This issue can also enable a one-shot Denial of Service (DoS) attack, impacting applications that rely on SvelteKit's server-side rendering without explicit SSRF safeguards.
WhisperPair Hijacks Google Fast Pair Devices - whisperpair.eu
Researchers discovered WhisperPair, a family of attacks exploiting flaws in Google Fast Pair implementations on flagship Bluetooth accessories. This vulnerability allows attackers to hijack devices and track victims through Google's Find Hub network, demonstrating how usability features can introduce significant security and privacy risks.
2025 Cloud Security Year in Review - hackingthe.cloud
The 2025 year in review highlights a maturation of cloud security research, faster community-driven incident response, and a growing recognition of cloud security as a core discipline. Key themes included persistent software supply chain risks, developer-targeted attacks, and the increasing importance of transparency from cloud providers, setting the stage for 2026.
Gixy-Next Rescues Nginx Static Analysis - joshua.hu
Gixy-Next is a new fork of the Gixy Nginx static analysis tool, created to rescue it from becoming obsolete due to "AI slop" and lack of maintenance. This initiative provides an actively maintained solution for automatically finding vulnerabilities in Nginx configurations through a set of checks and plugins.
WhatsApp Lacks End-to-End Encryption Validation - toki.la
WhatsApp's closed-source client applications prevent independent validation of its end-to-end encryption claims. This lack of transparency undermines the primary benefit of E2EE, which is to eliminate the need to trust a third party, rendering WhatsApp "untrustable" by this metric.
SecX
DPRK Exploits VS Code Hooks - x.com
North Korea (DPRK) has reportedly abused VS Code hooks that run automatically in the background when opening a trusted folder. This highlights a severe supply chain risk in development environments, as it requires zero user interaction after initial repo trust, enabling silent compromise.
Ethical Concerns Over PoCs in Production - x.com
This post raises ethical concerns regarding the use of Proof-of-Concepts (PoCs) in production systems, particularly for marketing stunts. It warns against the unethical practice of adding unnecessary risk to popular production systems for public relations purposes, emphasizing responsible disclosure and research.
SecGit
Kingfisher: Fast Secret Detection Tool - github.com
MongoDB's Kingfisher is a new, highly accurate tool for secret detection and live validation across a wide array of platforms including Git repos, AWS S3, Docker images, Jira, and Slack. This open-source tool provides a "blazingly fast" solution for improving secret hygiene and preventing sensitive data exposure throughout the development and operational lifecycle.