[00:00] Announcer: From Neural Newscast, this is Prime Cyber Insights, Intelligence for Defenders,
[00:04] Announcer: Leaders, and Decision Makers.
[00:11] Aaron Cole: Welcome to Prime Cyber Insights for March 17th.
[00:15] Lauren Mitchell: We're opening today with a critical shift in how attackers are compromising the software supply chain through GitHub and AI services.
[00:24] Aaron Cole: Lauren, the data from Git Guardian is striking.
[00:27] Aaron Cole: They've reported an 81% surge in AI service leaks this year, contributing to 29 million secrets hitting public GitHub.
[00:36] Aaron Cole: But the real story is what happens once those credentials are in the wrong hands.
[00:40] Lauren Mitchell: Exactly, Aaron.
[00:42] Lauren Mitchell: We're tracking a campaign codenamed Force Memo, an offshoot of the Glassworm malware.
[00:47] Lauren Mitchell: Attackers are using stolen GitHub tokens to force push malicious code into Python repositories.
[00:54] Lauren Mitchell: They aren't just adding files.
[00:56] Lauren Mitchell: They're rebasing legitimate commits to inject obfuscated malware into setup.py and main.py files.
[01:04] Aaron Cole: The technical tradecraft here is worth noting.
[01:07] Aaron Cole: By force pushing to the default branch, they rewrite Git history,
[01:11] Aaron Cole: meaning there is no pull request or commit trail in the UI for maintainers the spot.
[01:16] Aaron Cole: This campaign has already hit over 150 repositories
[01:20] Aaron Cole: and even briefly compromised two React Native NPM packages.
[01:25] Lauren Mitchell: It's a sophisticated entry vector, too.
[01:27] Lauren Mitchell: They're acquiring these tokens by compromising developer systems through malicious VS code and cursor extensions.
[01:35] Lauren Mitchell: For practitioners, this highlights that the development environment itself is now a high-priority target for secret exfiltration.
[01:43] Aaron Cole: Turning to infrastructure vulnerabilities, CISA added a wing FTP flaw to its known Exploited Vulnerabilities Catalog.
[01:51] Aaron Cole: CVE 2025-47813 is an information disclosure bug that leaks server paths, which attackers are using to facilitate a much more critical remote code execution flaw.
[02:04] Lauren Mitchell: That's a vital connection, Aaron.
[02:06] Lauren Mitchell: While the path leak is only a medium severity on its own,
[02:09] Lauren Mitchell: its role in enabling RCE makes it a priority.
[02:13] Lauren Mitchell: Federal agencies have until March 30 to patch.
[02:16] Lauren Mitchell: It's a reminder that even low-impact info leaks
[02:19] Lauren Mitchell: are often the first step in a larger kill chain.
[02:22] Aaron Cole: Finally, malware bytes is warning about SEO poisoning targeting remote workers.
[02:27] Aaron Cole: Users searching for remote VPN clients are being served high-ranking fake sites that deliver the high-racks info stealer.
[02:35] Aaron Cole: The malware is even signed with a certificate to bypass local security checks before stealing work login details.
[02:41] Lauren Mitchell: The deceptive part is that the malware actually installs a legitimate VPN client after the infection to avoid suspicion.
[02:50] Lauren Mitchell: Aaron, this reinforces the need for organizations to mandate that all software be sourced exclusively from internal portals or direct vendor downloads.
[02:59] Aaron Cole: That concludes our briefing for today. For the full technical breakdown, visit pci.neuralnewscast.com. Stay vigilant.
[03:09] Lauren Mitchell: This briefing is for informational purposes only.
[03:12] Lauren Mitchell: For specific risk management, consult your security team or legal counsel.
[03:17] Lauren Mitchell: Neural Newscast is AI-assisted, human-reviewed.
[03:20] Lauren Mitchell: View our AI transparency policy at neuralnewscast.com.
[03:25] Lauren Mitchell: See you next time.
[03:26] Announcer: This has been Prime Cyber Insights on Neural Newscast.
[03:29] Announcer: Intelligence for defenders, leaders, and decision makers.