ActiveMQ Exploited in the Wild via CVE-2026-34197 and CVE-2024-32114

Thank you Edward Targett and The Stack for featuring Jonny Rivera's thoughts in your article on VulnCheck's (Jacob Baines) recent observation of the ActiveMQ vulnerability (first uncovered by Horizon3.ai) getting exploited in the wild. "Jonny Rivera from ActiveState, a software supply chain company, commented: 'Apache ActiveMQ is in millions of enterprise stacks. He added that what makes the bugs dangerous is that many organisations don't know they're running ActiveMQ at all [it is] buried in transitive dependencies, untracked, and nowhere near their patch queue…” 🗞️ Read the full article here: https://lnkd.in/e4u3HWUh

ActiveState's Sr. Director of Product Jonny Rivera flagged what makes this particular incident worth paying attention to beyond the CVE scores themselves. Apache ActiveMQ is in millions of enterprise stacks. The problem is that many organizations do not know they are running it. It is buried in transitive dependencies, untracked, and nowhere near their patch queue. That is the part of this story that should concern security teams most. This is not a case where defenders failed to patch something they knew about. This is a case where the vulnerable component was invisible to them entirely, sitting several layers deep in a dependency chain no one had mapped. Transitive dependencies are the open source software security blind spot that scanners consistently undercount. You cannot patch what you cannot see, and you cannot see what you never inventoried. The 91% of DevSecOps leaders who report limited visibility into container components are not outliers. They are the norm, and incidents like this are the consequence. If you are a defender trying to determine your exposure right now, Horizon3.ai has published clear IOC guidance. Look for network connector activity referencing vm:// URIs with brokerConfig=xbean:http in your ActiveMQ broker logs. That pattern does not appear during normal broker operations. The broader lesson here is not about ActiveMQ specifically. It is about the class of risk that lives in the dependencies your team did not deliberately choose, has not actively tracked, and will not find until something like this surfaces it. Upgrade to Apache ActiveMQ 5.19.4 or 6.2.3 if you have not already. Then go find out what else is in your stack you did not know was there. Full breakdown via The Stack, by Edward Targett linked in the first comment. #OpenSourceSecurity #SoftwareSupplyChain #CVE #DevSecOps #CISOInsights

A serious security flaw in Docker Engine lets attackers bypass authorization plugins by padding a single HTTP request to more than 1MB — causing the security check to be skipped entirely while the Docker system processes the full request and creates a privileged container with root access to the host machine. This works against every authorization plugin in the ecosystem. The flaw has been patched in Docker Engine version 29.3.1. If attackers exploit this flaw to gain access to company systems, your personal data stored by businesses using Docker could be stolen or exposed. 💥 #CyberNewsLive https://lnkd.in/d4T_UDBq

💢 15 different methods for 2FA Bypass Techniques 💢 1. Response Manipulation In response if "success":false Change it to "success":true 2. Status Code Manipulation If Status Code is 4xx Try to change it to 200 OK and see if it bypass restrictions 3. 2FA Code Leakage in Response Check the response of the 2FA Code Triggering Request to see if the code is leaked. 4. JS File Analysis Rare but some JS Files may contain info about the 2FA Code, worth giving a shot 5. 2FA Code Reusability Same code can be reused 6. Lack of Brute-Force Protection Possible to brute-force any length 2FA Code 7. Missing 2FA Code Integrity Validation Code for any user account can be used to bypass the 2FA 8. CSRF on 2FA Disabling No CSRF Protection on disabling 2FA, also there is no auth confirmation 9. Password Reset Disable 2FA 2FA gets disabled on password change/email change 10. Backup Code Abuse Bypassing 2FA by abusing the Backup code feature Use the above mentioned techniques to bypass Backup Code to remove/reset 2FA reset restrictions 11. Clickjacking on 2FA Disabling Page Iframing the 2FA Disabling page and social engineering victim to disable the 2FA 12. Iframing the 2FA Disabling page and social engineering victim to disable the 2FA If the session is already hijacked and there is a session timeout vulnerbility 13. Bypass 2FA with null or 000000 Enter the code 000000 or null to bypass 2FA protection. Steps:- 1. Enter “null” in 2FA code 2. Enter 000000 in 2FA code 3. Send empty code - Someone found this in grammarly 4. Open new tab in same browser and check if other API endpoints are accessible without entering 2FA 14. Google Authenticator Bypass Steps:- 1) Set-up Google Authenticator for 2FA 2) Now, 2FA is enabled 3) Go on password reset page and change your password 4) If you are website redirect you to your dashboard then 2FA (Google Authenticator) is bypassed 15. Bypassing OTP in registration forms by repeating the form submission multiple times using repeater Steps :- 1) Create an account with a non-existing phone number 2) Intercept the Request in BurpSuite 3) Send the request to the repeater and forward 4) Go to Repeater tab and change the non-existent phone number to your phone number 5) If you got an OTP to your phone, try using that OTP to register that non-existent number. Telegram Channel : https://lnkd.in/dbfyuaME #bugbountytips #bugbounty

A GitHub branch name was enough to steal the very token Codex used to authenticate with GitHub. On March 30, 2026, BeyondTrust Phantom Labs detailed a critical command-injection flaw in OpenAI Codex. By crafting a malicious branch name, an attacker could inject arbitrary shell commands. This didn't just affect one interface—it compromised the web app, CLI, SDK, and the IDE extension. The vulnerability turned the agent's own credentials into a liability, allowing for automated token theft across repositories. The timeline from disclosure to hardening shows the complexity of securing coding agents: → December 2025: Initial hotfix deployed. → January 2026: Iterative shell-escape hardening and restricted token access. Lessons from this breach: 🔹 Input sanitization is non-negotiable for AI agents, especially when they act as an interface between users and external platforms. 🔹 Treat your agent's credentials as high-privilege assets. If it has access to GitHub, your agent has your keys. 🔹 Hardening isn't a single patch; it requires architectural changes to limit what a compromised agent can actually touch. How do you handle credential isolation for the AI tools integrated into your dev workflow? #CyberSecurity #OpenAICodex #DevSecOps #SupplyChainSecurity #BuildInPublic

Critical Vulnerability: 2-Day-Old GitHub Account Injects AI-Generated Dependency into Popular NPM Package 🛰️ [SECURITY] A new GitHub account attempted a supply chain attack on a popular NPM package. Why it matters: This incident highlights the pervasive vulnerability of open-source software supply chains to sophisticated attacks. Even seemingly innocuous performance improvements can mask malicious intent, underscoring the critical need for rigorous vetting and community oversight in widely used dependencies. 🤔 How can the open-source community scale vigilance and automated defenses to counter increasingly subtle supply chain attacks? #SupplyChainSecurity #OpenSourceSecurity #GitHubVulnerability #NPM #CyberAttack 📡 Follow DailyAIWire for high-signal AI news.

📰 **Hackers Exploit GitHub Copilot Flaw to Exfiltrate Sensitive Data** A high-severity flaw in GitHub Copilot Chat allowed silent theft of source code, API keys, and secrets from private repos without executing code. 🔗 [Citeste articolul aici](https://lnkd.in/dG9JW8SR)

While recently tackling the "Silentium" environment, I hit a wall: two critical vulnerabilities were present, but there were no public PoCs available to bridge the gap from zero access to a shell. Instead of moving on, I decided to build the bridge myself. The Discovery: The first crack was CVE-2025-58434. I identified that the forgot-password endpoint was leaking the tempToken directly in the API response. This allowed for an unauthenticated Account Takeover (ATO) with nothing but a target email address. The Escalation: Once inside, the real challenge began. CVE-2025-59528 exists because user-supplied configurations are passed directly to a JavaScript Function() constructor. By wrapping a reverse shell payload in Base64 to bypass character sanitization, I was able to trigger Remote Code Execution (RCE) via Node.js child_process. The Result: I’ve released a modular Python-based PoC that automates this entire chain: Leak the token. Reset the admin password. Authenticate and extract session cookies. Execute an asynchronous reverse shell. This allows for a full compromise of self-hosted Flowise deployments from a zero-credential starting point. Check out the full PoC here: 🔗 https://lnkd.in/gKSCihH8 #CyberSecurity #RedTeaming #ExploitDev #PenetrationTesting #HTB #Flowise #VAPT

This is big. Really big. An AI model just found bugs that sat in production software for decades. Here’s the unbelievable details… And it should change how you think about software risk. Claude’s latest model (Mythos) made me stop and pay attention. Not because of benchmarks. Because of the jawdropping things it actually did… Anthropic ran a simple test. They gave the model source code and a short prompt… “find a security issue.” No guidance after that. It went to work. 1/ It found a 27-year-old bug in OpenBSD. Not a simple one. It connected two small issues most people would treat as unrelated and showed how they combine into something exploitable. 2/ It found a long-hidden flaw in FFmpeg’s H.264 code. This is one of the most tested codebases out there. Fuzzed, reviewed, studied for years. Still missed. 3/ It found and exploited a remote code execution bug in FreeBSD’s NFS server. End-to-end. No human help. Built a working exploit that could give an attacker root access. It also chained multiple browser bugs into a full system takeover. From a webpage to kernel access. That’s not autocomplete. That’s reasoning across steps, constraints, and edge cases. A few things make this hard to dismiss. Anthropic committed to their claims using cryptographic hashes for the undisclosed bugs. So they can’t walk this back later. These are zero-days. By definition, the model couldn’t have memorized them. And human security teams checked the results. They agreed with the model’s severity ratings almost every time. So this isn’t hype. It’s true capability. Now the really uncomfortable part. Anthropic isn’t releasing this widely. They’re limiting access to partners so defenders can patch before attackers catch up. Makes sense. The same system that finds bugs can exploit them. But this doesn’t stay contained for long. They even noted that other models are already close in this area. This isn’t one lab. It’s a direction the whole field is moving in. What changes from here? The cost of finding serious vulnerabilities just dropped. A lot. If bugs can sit in production for 15–25 years and a model can surface them in hours, every codebase looks different now. Security teams need to rethink their assumptions. And software leaders need to take this seriously. Fast. There’s a window where defenders can get ahead. It won’t stay open long.