As a result of a US government directive, we are suspending access to Claude Fable 5 for all users. You can continue to use all other Claude models.
Here’s what this means for you:
Across Claude products, new sessions will run on your selected default model or Opus 4.8, and existing Fable 5 sessions will end with an error.
On the Claude Platform, requests to Fable 5 will also return an error. Please update your integrations to other Claude models.
We know this is a disruption to your workflows; we appreciate your patience and support.
‼️🚨 BREAKING: GitHub has been compromised by TeamPCP. GitHub has confirmed the internal breach. A poisoned VS Code extension on an employee device exfiltrated ~3,800 internal repositories.
TeamPCP is already selling the data on a cybercrime forum.
⚠️ On May 16, 2026, we confirmed a targeted attack by a cybercrime group that gained unauthorized access to our GitHub repositories and downloaded our codebase.
Here is the latest update about our investigations. https://t.co/C2btjWDOxu
‼️🚨 The Mini Shai-Hulud npm worm has hit again. Hundreds of antv packages compromised (Alibaba's data visualization suite) along with echarts-for-react, timeago.js, size-sensor, and canvas-nest.js.
It all started today with the compromise of npm account atool ([email protected]). In a 22-minute window between 01:39 and 02:06 UTC, the attacker published 631 malicious versions across 314 packages, all carrying the same payload.
Top affected packages by monthly downloads:
- [email protected] - 4.2M dl/mo
- [email protected] - 3.8M dl/mo
- @antv/[email protected] - 2.2M dl/mo
- [email protected] - 1.15M dl/mo
- @antv/[email protected] - 1.0M dl/mo
- @antv/[email protected] - 1.1M dl/mo
- @antv/[email protected] - 975K dl/mo
- @antv/[email protected] - 883K dl/mo
- @antv/[email protected] - 751K dl/mo
What the payload does (498KB obfuscated Bun script, runs via preinstall hook):
- Harvests 20+ secret types: GitHub PATs, npm tokens, AWS keys, GCP service accounts, Azure creds, DB connection strings, Stripe keys, Slack tokens, SSH keys, Docker auth, Kubernetes configs, Vault tokens
- Attempts Docker container escape if the host socket is reachable, spinning up a privileged container with host filesystem bind mounts
- Pulls a secondary payload via optional dependency antv/setup from antvis/G2 commit 1916faa, which was pushed 19 minutes before the npm publishes started
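Added example, not code from the post or from any of the affected projects: a defensive audit that walks an installed `node_modules` tree and reports every dependency declaring an install-time lifecycle hook, flagging the pattern described above (a `preinstall` hook that hands a large local script to `bun`). The sample tree it builds is constructed for the demo; `size_limit` and the package names are assumptions.

```python
"""Audit a node_modules tree for npm lifecycle scripts (added example).

Payloads of this kind run from a `preinstall` hook, so any dependency that
declares install-time scripts deserves a look. `npm install --ignore-scripts`
blocks such hooks outright; this script shows which packages would have run one.
"""
import json
import re
import tempfile
from pathlib import Path

LIFECYCLE = ("preinstall", "install", "postinstall", "prepare")
SCRIPT_EXT = {".js", ".cjs", ".mjs", ".ts"}


def audit_manifest(manifest: dict, pkg_dir: Path, size_limit: int = 100_000) -> list:
    """Return one finding per lifecycle hook; suspicious if it runs bun or a large local file."""
    findings = []
    scripts = manifest.get("scripts") or {}
    for hook in LIFECYCLE:
        cmd = scripts.get(hook)
        if not cmd:
            continue
        reasons = []
        for token in cmd.split():  # look for script files shipped inside the package itself
            target = pkg_dir / token
            if target.suffix in SCRIPT_EXT and target.is_file() and target.stat().st_size > size_limit:
                reasons.append(f"runs {token} ({target.stat().st_size} bytes)")
        if re.search(r"\bbun\b", cmd):
            reasons.append("invokes bun at install time")
        findings.append({"package": manifest.get("name", "?"), "hook": hook,
                         "command": cmd, "suspicious": bool(reasons), "reasons": reasons})
    return findings


def audit_tree(node_modules: Path) -> list:
    """Audit every package.json below node_modules, nested and scoped packages included."""
    findings = []
    for manifest_path in sorted(node_modules.rglob("package.json")):
        try:
            data = json.loads(manifest_path.read_text(encoding="utf-8"))
        except (ValueError, OSError):
            continue  # unreadable or non-JSON manifest: skip, not a lifecycle hook
        findings.extend(audit_manifest(data, manifest_path.parent))
    return findings


def build_sample_tree(root: Path) -> Path:
    """Constructed sample: one clean package and one with a large bun preinstall script."""
    clean = root / "node_modules" / "harmless-lib"
    clean.mkdir(parents=True)
    (clean / "package.json").write_text(json.dumps({"name": "harmless-lib", "version": "1.0.0"}))
    bad = root / "node_modules" / "@example" / "trojaned"
    bad.mkdir(parents=True)
    (bad / "package.json").write_text(json.dumps(
        {"name": "@example/trojaned", "version": "9.9.9", "scripts": {"preinstall": "bun setup.js"}}))
    (bad / "setup.js").write_text("x" * 498_000)  # stand-in for an obfuscated ~498KB blob
    return root / "node_modules"


def run_demo() -> list:
    with tempfile.TemporaryDirectory() as tmp:
        return audit_tree(build_sample_tree(Path(tmp)))


if __name__ == "__main__":
    for f in run_demo():
        print(("SUSPICIOUS " if f["suspicious"] else "review     ") + f"{f['package']} {f['hook']}: {f['command']} {f['reasons']}")
```

Point `audit_tree` at a real project's `node_modules` to list every hook that would run on install; an empty result means `--ignore-scripts` would change nothing for that tree.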
⚠️ Critical Linux Kernel Flaw ‘ssh-keysign-pwn’ Exposes SSH Keys and Shadow Passwords
Source: https://t.co/wzp6CCp2lT
A newly disclosed Linux kernel vulnerability is raising serious concerns across the security community, as it allows attackers to access highly sensitive data, including SSH private keys and password hashes, on affected systems.
Tracked as CVE-2026-46333, the flaw has been nicknamed “ssh-keysign-pwn” and impacts a wide range of Linux distributions. The GitHub PoC ssh-keysign-pwn demonstrates exactly how to weaponize this race condition on pre‑31e62c2ebbfd kernels.
#cybersecuritynews #Linux
That's a wrap on Day 2 of #Pwn2Own Berlin! Day Two added $385,750 and 15 unique 0-days, bringing event totals to $908,750 for 39 unique vulnerabilities. DEVCORE leads Master of Pwn with 40.5 points — but the fun ain't over yet, we've got one more day to go. See you tomorrow! #P2OBerlin
Update 5:05 PT: The attack has now expanded well beyond @TanStack and @Mistral.
373 malicious package-version entries across 169 npm package names, including @uipath, @squawk, @tallyui, @beproduct, and more.
The malware propagates by stealing your CI credentials and using them to publish new compromised versions.
Full IOCs, affected package list, and detection steps: https://t.co/jWG9DUCu3x
Security things from the last few days:
- CopyFail (linux pwn'd)
- CopyFail 2/Dirty Frag
- 13 advisories in Next.js
- Over 70 CVEs addressed in macOS 26.5
- ~50 CVEs addressed in iOS 26.5
- YellowKey (Windows BitLocker pwn'd entirely)
- GreenPlasma (Windows privilege escalation)
- CVE-2026-21510 and CVE-2026-21513 confirmed to be used by Russia for Windows RCE
- CVE-2026-32202 separately confirmed to be used by Russia for sensitive document access
- Mini Shai-Hulud (over 300 JS and Python packages compromised via GitHub Action cache poisoning)
- Google confirms they have identified AI-powered exploitation of zero days in an unidentified "open-source, web-based system administration tool"
- Canvas (popular LMS used in most schools) pwn'd entirely
- PAN-OS (Palo Alto Networks) pwn'd with a 9.3 severity CVE-2026-0300
Are you scared yet?
‼️🚨 BREAKING: A new npm supply-chain attack uses a dead-man's switch. The payload plants a watcher on your machine that nukes your home directory the second you revoke the GitHub token it stole from you.
The compromise happened today, across 42 official tanstack npm packages, 84 malicious versions in total. tanstack/react-router alone pulls more than 12 million weekly downloads.
The attacker forked TanStack's repository and pushed a single hidden commit. From there, they tricked TanStack's own release system into signing the malicious packages as if they were the real thing. To npm, and to anyone checking the cryptographic proof of origin (SLSA provenance), the poisoned versions looked 100% legitimate.
Maintainer Tanner Linsley confirmed the whole team had 2FA enabled. It didn't matter. This is the first documented npm worm in history that ships with a valid, signed certificate of authenticity, the same one defenders rely on to know a package wasn't tampered with.