Jered Bare

Before Cisco published CVE-2026-20127 (CVSS 10.0, zero-day), GreyNoise sensors observed eight activity surges compressing from 39 days to 2 days. That countdown pattern repeated across 33 CVEs — with a median lead time of 11 days before public disclosure. Join us on Wednesday for the  live "Ten Days Before Zero" findings. https://t.co/hmmpwOsR8L

Heads up if your CI pipelines are failing right now! 🚨 OSV seems to be experiencing a major wave of false positives over the last few hours, incorrectly flagging massive, highly-trusted packages as malicious. A few of the biggest casualties so far: • npm @tanstack/start-storage-context (1.167.4) • PyPI fastapi (0.136.3) • PyPI strawberry-graphql (0.315.6) • npm @nx/key (5.0.7) If your deployment is bricked, verify manually before panicking. Automation is a tool, not a judge.

Tenant enumeration is dead. Microsoft has now patched both techniques that allowed full tenant domain discovery from a single unauthenticated request. That changes recon against M365 environments significantly. The signals still exist, tenant IDs, MOERA prefixes, brand metadata, but no single query gives you the full picture anymore. Effective enumeration now means chaining techniques together, validating against large datasets, and in some cases requiring authentication. Juan Pablo Gomes Postigo breaks down: • what the original technique was • what still works today • how we updated https://t.co/odd5t8dr5G going forward https://t.co/NjDIibtx4V #CyberSecurity #Pentesting #IdentitySecurity #SecurityResearch

GitHub’s report today confirms that the compromised Nx Console extension was used as the initial access vector in this attack. This is a difficult thing to read as the CEO of Nx, and I want to be direct about it: we take responsibility for the role our software played in this incident. I’m grateful to the GitHub, Microsoft, and independent security teams that moved quickly to investigate, contain, and share information publicly. This incident highlights that there need to be deeper, more fundamental changes to how we and other maintainers need to think about securing developer tooling and open source distribution. We are already making major changes to our publishing, automation, and extension security posture, and we’ll continue sharing those changes publicly as we implement them. We’re also beginning conversations with other high-profile open source maintainers about how we can work together on some of the deeper structural problems around software supply chain security. A lot of the assumptions the ecosystem has operated under for years no longer hold. Our focus right now is supporting affected users, hardening Nx, and helping push the broader ecosystem toward stronger supply chain security practices. Updates and guidance: https://t.co/szBoQ3doaX