
Phoenix Security


Title: Phoenix Security - FIX Vulnerability with context from appsec to cloud security

Message frequency:  0.28 / day

Message History

Between 21:57 and 23:30 UTC on April 22, 2026, a malicious @bitwarden/[email protected] was live on npm for 93 minutes — long enough to reach CI/CD pipelines, developer workstations, and cloud automation hosts. The payload steals credentials across GitHub, AWS, GCP, and Azure, propagates as a self-replicating npm worm, injects GitHub Actions workflow stealers, and poisons AI codin...



Phoenix Security launched Phoenix Blue at VulnCon 2026 — a standalone agentic vulnerability intelligence platform at phxintel.security. The platform indexes 300K+ CVE records and 2,080,512 advisory references from 15+ sources, adds six proprietary scoring systems, zero-day pre-CVE detection, and malicious package monitoring. Free for everyone, built agent-first with REST, Gra...



Executive Summary: On April 7, 2026 at 19:03 UTC, a backdoored version of @velora-dex/sdk landed on npm. Version 9.4.1 — a DeFi toolkit used for token swaps, limit orders, and delta trading on the VeloraDEX decentralised exchange — contains three lines of malicious code prepended to dist/index.js that execute the moment the package is imported. […]


Three shell injection sinks in Claude Code CLI chain from environment variable control to HTTP credential exfiltration, confirmed on v2.1.91 with timestamped callback evidence. The vendor says it is by design.


Phoenix Security confirmed three command injection vulnerabilities in Anthropic's Claude Code CLI — all sharing the same root cause — with runtime proof-of-concept showing full credential exfiltration from CI/CD pipelines in non-interactive mode where the only trust gate is intentionally absent.
