https://sable.somoswilab.com https://sable.somoswilab.com/og-image.png SableOffensive — Chat with autonomous AI pentesting agents https://sable.somoswilab.com/blog https://sable.somoswilab.com/og-image.png SableOffensive Cybersecurity Blog https://sable.somoswilab.com/research https://sable.somoswilab.com/og-image.png SableOffensive Security Research https://sable.somoswilab.com/free-scan https://sable.somoswilab.com/og-free-scan.png Free security headers scan https://sable.somoswilab.com/blog/100-vibe-coded-apps-scanned https://sable.somoswilab.com/api/og?title=I+scanned+100+vibe-coded%7Capps.+73+had+a+BOLA.&mode=article&eyebrow=VIBE+CODING&category=VIBE+CODING&desc=Real+findings+from+100+Lovable%2C+Cursor%2C+and+Replit+MVPs.+73+had+broken+object-level+authorization.+Here+are+the+3+patches+every+vibe-coded+app+needs+before+launch.&meta=2026-05-08+%C2%B7+9+min I scanned 100 vibe-coded apps. 73 had a BOLA. https://sable.somoswilab.com/blog/2026-vibe-coder-security-checklist https://sable.somoswilab.com/api/og?title=The+2026+Vibe-Coder%7CSecurity+Checklist%3A+17+Items&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Your+first+%241K+customer%27s+data+is+worth+more+than+the+legal+exposure+of+skipping+this.+17+items+in+3+tiers%2C+before+launch.+No+four-figure+consultant.&meta=2026-05-22+%C2%B7+10+min The 2026 Vibe-Coder Security Checklist: 17 Items https://sable.somoswilab.com/blog/adobe-reader-zero-day https://sable.somoswilab.com/api/og?title=Adobe+Reader+Zero-Day+CVE-2026-34621%3A+Prototype%7CPollution+%2B+Use-After-Free+Exploited+Since+November+2025&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=CVE-2026-34621+%28CVSS+8.6%29+is+a+prototype+pollution+%2B+use-after-free+in+Adobe+Acrobat+Reader%27s+JavaScript+engine.+Exploited+via+malicious+PDFs+in+phishing+campaigns+since+November+28%2C+2025.+CISA+KEV+April+13%2C+2026.+Technical+breakdown%2C+IOCs%2C+detection+rules%2C+and+patch+verification+for+the+134-day+in-the-wild+window.&meta=2026-04-30+%C2%B7+8+min Adobe Reader Zero-Day CVE-2026-34621: Prototype Pollution + Use-After-Free Exploited Since November 2025 https://sable.somoswilab.com/blog/adt-breach https://sable.somoswilab.com/api/og?title=ADT+Confirms+Data+Breach%3A+ShinyHunters%7CClaim+10+Million+Records+Stolen&mode=article&eyebrow=BREACH&category=BREACH&desc=ADT%2C+the+largest+US+home+security+company%2C+has+confirmed+a+data+breach+after+the+ShinyHunters+extortion+group+leaked+records+belonging+to+roughly+10+million+customers.&meta=2026-04-24+%C2%B7+6+min ADT Confirms Data Breach: ShinyHunters Claim 10 Million Records Stolen https://sable.somoswilab.com/blog/aegis-open-source-soar-indie-founders https://sable.somoswilab.com/api/og?title=AEGIS%3A+Open-Source%7CSOAR+for+Indie+Founders&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Six+months+of+running+a+closet+pentest+lab+told+me+commercial+SOAR+is+broken+at+indie+scale.+AEGIS+is+the+open-source+XDR%2BSOAR%2BSIEM+I+wrote+to+fix+it.&meta=2026-05-22+%C2%B7+11+min AEGIS: Open-Source SOAR for Indie Founders https://sable.somoswilab.com/blog/ai-2fa-bypass https://sable.somoswilab.com/api/og?title=Hackers+Used+AI+to+Build+a+Zero-Day+That+Bypasses%7CTwo-Factor+Authentication+%E2%80%94+Google+Stopped+It&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Google%27s+Threat+Intelligence+Group+confirmed+the+first+known+case+of+hackers+using+AI+to+develop+a+zero-day+exploit+that+bypasses+2FA+on+a+popular+open-source+web+admin+tool.&meta=2026-05-12+%C2%B7+7+min Hackers Used AI to Build a Zero-Day That Bypasses Two-Factor Authentication — Google Stopped It https://sable.somoswilab.com/blog/anthropic-mcp-rce-aegis https://sable.somoswilab.com/api/og?title=Anthropic+MCP+RCE%3A+7%2C000+Servers%7CExposed+and+Why+L1+Fast-Path+Matters&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Researchers+disclosed+a+critical+RCE+in+Anthropic%27s+Model+Context+Protocol+affecting+7%2C000%2B+public+servers+and+150M+downloads.+Here%27s+the+payload+pattern+and+how+AEGIS+L1+fast-path+blocks+it+in+microseconds.&meta=2026-04-26+%C2%B7+6+min Anthropic MCP RCE: 7,000 Servers Exposed and Why L1 Fast-Path Matters https://sable.somoswilab.com/blog/apache-http2-zero-day https://sable.somoswilab.com/api/og?title=CVE-2026-23918%3A+Apache+HTTP%2F2+Double-Free+Flaw+Lets%7CAttackers+Crash+Servers+and+Potentially+Execute+Remote+Code&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Apache+patched+CVE-2026-23918%2C+a+critical+double-free+vulnerability+in+HTTP%2F2+handling+that+enables+denial-of-service+and+potential+remote+code+execution.+CVSS+8.8.+Patch+to+2.4.67+immediately.&meta=2026-05-07+%C2%B7+6+min CVE-2026-23918: Apache HTTP/2 Double-Free Flaw Lets Attackers Crash Servers and Potentially Execute Remote Code https://sable.somoswilab.com/blog/astrazeneca-lapsus https://sable.somoswilab.com/api/og?title=LAPSUS%24+Reclama+el+Hack+de+AstraZeneca%3A%7C3GB+de+C%C3%B3digo+Fuente+y+Claves+Cloud&mode=article&eyebrow=BREACH&category=BREACH&desc=El+grupo+LAPSUS%24+afirma+haber+robado+3GB+de+AstraZeneca%3A+c%C3%B3digo+fuente%2C+credenciales+cloud+e+informaci%C3%B3n+interna.+AstraZeneca+no+ha+confirmado.+Lo+que+sabemos.&meta=2026-03-23+%C2%B7+5+min LAPSUS$ Reclama el Hack de AstraZeneca: 3GB de Código Fuente y Claves Cloud https://sable.somoswilab.com/blog/audit-cursor-v0-mvp-security https://sable.somoswilab.com/api/og?title=Audit+a+Cursor+or+v0-Built%7CMVP+Before+You+Launch&mode=article&eyebrow=VIBE+CODING&category=VIBE+CODING&desc=Three+vulnerabilities+AI-coding+assistants+introduce+that+aren%27t+in+their+training+data+%E2%80%94+and+the+5-minute+self-audit+that+catches+them+before+launch.&meta=2026-05-22+%C2%B7+9+min Audit a Cursor or v0-Built MVP Before You Launch https://sable.somoswilab.com/blog/booking-vendor-chain-breach https://sable.somoswilab.com/api/og?title=Booking.com+Breach%3A+When+the+Vendor%7CChain+Becomes+the+Attack+Surface&mode=article&eyebrow=BREACH&category=BREACH&desc=Booking.com+confirmed+unauthorized+third-party+access+to+reservation+data+this+week.+The+exposure+didn%27t+come+from+the+core+platform+%E2%80%94+it+came+from+the+vendor+chain.+Here%27s+what+failed+and+how+to+test+for+it.&meta=2026-04-26+%C2%B7+5+min Booking.com Breach: When the Vendor Chain Becomes the Attack Surface https://sable.somoswilab.com/blog/canisterworm-npm https://sable.somoswilab.com/api/og?title=CanisterWorm%3A+El+Mismo+Grupo+que+Atac%C3%B3%7CTrivy+Ahora+Infecta+135+Paquetes+de+npm&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=TeamPCP+%E2%80%94+el+grupo+detr%C3%A1s+del+ataque+a+Trivy+%E2%80%94+lanz%C3%B3+CanisterWorm%2C+un+gusano+npm+que+se+auto-propaga+por+135+paquetes+usando+tokens+robados+y+un+C2+en+blockchain+imposible+de+derribar.&meta=2026-03-23+%C2%B7+5+min CanisterWorm: El Mismo Grupo que Atacó Trivy Ahora Infecta 135 Paquetes de npm https://sable.somoswilab.com/blog/chrome-zero-days-2026 https://sable.somoswilab.com/api/og?title=Chrome+146+Zero-Days%3A+The+Skia%7Cand+V8+Attack+Surface%2C+2026+Edition&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=CVE-2026-3909+and+CVE-2026-3910+put+3.5+billion+Chrome+users+at+risk.+This+is+a+2026+roundup+of+the+Skia+and+V8+attack+surface+%E2%80%94+what+the+vulnerabilities+are%2C+why+browser+engine+bugs+are+hard+to+kill%2C+and+what+defenses+actually+reduce+exposure.&meta=2026-05-22+%C2%B7+7+min Chrome 146 Zero-Days: The Skia and V8 Attack Surface, 2026 Edition https://sable.somoswilab.com/blog/chrome-zero-days-skia-v8 https://sable.somoswilab.com/api/og?title=Dos+Zero-Days+en+Chrome+con%7CExploits+Activos%3A+Actualiza+Ahora&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Google+lanz%C3%B3+una+actualizaci%C3%B3n+de+emergencia+para+Chrome+146+corrigiendo+CVE-2026-3909+y+CVE-2026-3910+%E2%80%94+dos+zero-days+en+Skia+y+V8+con+exploits+activos+en+la+vida+real.+3%2C500+millones+de+usuarios+en+riesgo.&meta=2026-03-24+%C2%B7+5+min Dos Zero-Days en Chrome con Exploits Activos: Actualiza Ahora https://sable.somoswilab.com/blog/cisco-fmc-zero-day https://sable.somoswilab.com/api/og?title=Cisco+FMC+Zero-Day%3A+36+D%C3%ADas%7Ccon+Ransomware+en+tu+Red&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=El+grupo+Interlock+explot%C3%B3+CVE-2026-20131+%28CVSS+10.0%29+en+Cisco+FMC+36+d%C3%ADas+antes+del+parche.+Descubre+si+tu+red+est%C3%A1+comprometida+y+c%C3%B3mo+actuar+ahora.&meta=2026-03-19+%C2%B7+4+min Cisco FMC Zero-Day: 36 Días con Ransomware en tu Red https://sable.somoswilab.com/blog/cisco-sdwan-kev https://sable.somoswilab.com/api/og?title=Cisco+SD-WAN+Auth+Bypass+CVE-2026-20182%7CAdded+to+CISA+KEV+%E2%80%94+Patch+by+May+17&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=CVE-2026-20182+is+a+CVSS+10.0+authentication+bypass+in+Cisco+Catalyst+SD-WAN+under+active+exploitation.+CISA+added+it+to+KEV+with+a+May+17+deadline.+Here%27s+what+SD-WAN+admins+need+to+do+now.&meta=2026-05-15+%C2%B7+5+min Cisco SD-WAN Auth Bypass CVE-2026-20182 Added to CISA KEV — Patch by May 17 https://sable.somoswilab.com/blog/cisco-secure-workload-rce https://sable.somoswilab.com/api/og?title=Cisco+Patches+CVSS+10.0+Flaw+in+Secure+Workload+%E2%80%94%7CUnauthenticated+Attackers+Could+Gain+Site+Admin+via+API&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Cisco+fixed+CVE-2026-20223%2C+a+maximum-severity+REST+API+flaw+in+Secure+Workload+that+lets+unauthenticated+attackers+gain+Site+Admin+privileges%2C+access+sensitive+data%2C+and+modify+configs+across+tenant+boundaries.&meta=2026-05-23+%C2%B7+6+min+read Cisco Patches CVSS 10.0 Flaw in Secure Workload — Unauthenticated Attackers Could Gain Site Admin via API https://sable.somoswilab.com/blog/cpanel-auth-bypass https://sable.somoswilab.com/api/og?title=CVE-2026-41940%3A+cPanel+Authentication%7CBypass+Hit+1.5M+Servers+Before+Anyone+Noticed&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=A+critical+cPanel+%26+WHM+auth+bypass+%28CVSS+9.8%29+was+exploited+as+a+zero-day+for+months.+1.5M+servers+affected.+CISA+added+it+to+KEV.+Here%27s+what+you+need+to+know.&meta=2026-05-03+%C2%B7+6+min CVE-2026-41940: cPanel Authentication Bypass Hit 1.5M Servers Before Anyone Noticed https://sable.somoswilab.com/blog/cpanel-cve-2026-41940-auth-bypass https://sable.somoswilab.com/api/og?title=CVE-2026-41940%3A+cPanel+Auth+Bypass+Exploited%7C65+Days+as+0-Day%2C+1.5M+Servers+Exposed&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Critical+authentication+bypass+%28CVSS+9.8%29+in+cPanel+%26+WHM+via+CRLF+injection+in+cpsrvd.+Exploited+in+the+wild+since+February+23%2C+patched+April+28.+Full+technical+breakdown%2C+detection+rules%2C+mitigation%2C+and+post-compromise+checklist+for+hosting+providers.&meta=2026-04-30+%C2%B7+8+min CVE-2026-41940: cPanel Auth Bypass Exploited 65 Days as 0-Day, 1.5M Servers Exposed https://sable.somoswilab.com/blog/cpanel-zero-day https://sable.somoswilab.com/api/og?title=cPanel+Zero-Day+CVE-2026-41940%3A+Authentication%7CBypass+Hit+1.5M+Servers+Before+Patch&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=A+critical+cPanel+%26+WHM+zero-day+%28CVSS+9.8%29+was+exploited+for+months+before+a+patch+dropped.+Here%27s+the+technical+breakdown+and+what+to+do+now.&meta=2026-05-03+%C2%B7+6+min cPanel Zero-Day CVE-2026-41940: Authentication Bypass Hit 1.5M Servers Before Patch https://sable.somoswilab.com/blog/crunchyroll-breach-tellus-supply-chain https://sable.somoswilab.com/api/og?title=Crunchyroll+Breach%3A+How+a+Telus+Supply-Chain%7CCompromise+Let+Attackers+In+%E2%80%94+and+What+to+Hunt+For&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=The+Crunchyroll+breach+wasn%27t+a+direct+attack+%E2%80%94+it+was+a+supply-chain+pivot+through+a+compromised+Telus+employee+account.+Here%27s+the+attack+chain%2C+the+indicator+categories+to+watch%2C+and+how+to+hunt+for+this+class+of+threat.&meta=2026-05-24+%C2%B7+7+min Crunchyroll Breach: How a Telus Supply-Chain Compromise Let Attackers In — and What to Hunt For https://sable.somoswilab.com/blog/crunchyroll-breach https://sable.somoswilab.com/api/og?title=Crunchyroll+Hackeada%3A+100GB%7CRobados+v%C3%ADa+un+Empleado+de+Telus&mode=article&eyebrow=BREACH&category=BREACH&desc=Un+atacante+exfiltr%C3%B3+100GB+de+datos+de+Crunchyroll+en+24+horas+usando+acceso+de+un+empleado+de+Telus.+15M%2B+suscriptores+potencialmente+afectados.+Sony+no+ha+confirmado.&meta=2026-03-23+%C2%B7+5+min Crunchyroll Hackeada: 100GB Robados vía un Empleado de Telus https://sable.somoswilab.com/blog/darksword-ios https://sable.somoswilab.com/api/og?title=DarkSword%3A+El+Exploit+que+Hacke%C3%B3%7Ctu+iPhone+sin+que+lo+Supieras&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=DarkSword%2C+el+exploit+iOS+de+cadena+completa+activo+desde+noviembre+2025%2C+roba+credenciales+y+crypto+con+solo+visitar+una+web.+Actualiza+a+iOS+26.3.1+ahora.&meta=2026-03-19+%C2%B7+4+min DarkSword: El Exploit que Hackeó tu iPhone sin que lo Supieras https://sable.somoswilab.com/blog/defender-zero-day https://sable.somoswilab.com/api/og?title=Three+Microsoft+Defender+Zero-Days%7CUnder+Active+Attack%3B+Two+Remain+Unpatched&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=CISA+orders+federal+agencies+to+patch+BlueHammer+flaw+as+researchers+disclose+three+Windows+Defender+zero-days+being+exploited+in+the+wild.&meta=2026-04-21+%C2%B7+6+min Three Microsoft Defender Zero-Days Under Active Attack; Two Remain Unpatched https://sable.somoswilab.com/blog/dirty-frag-linux https://sable.somoswilab.com/api/og?title=Dirty+Frag%3A+Chained+Linux+Kernel+Flaws%7CGive+Root+on+Every+Major+Distribution&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=CVE-2026-43284+and+CVE-2026-43500+chain+two+kernel+page-cache+flaws+for+deterministic+root+escalation.+Public+PoC+available.+Here%27s+what+to+patch.&meta=2026-05-10+%C2%B7+7+min Dirty Frag: Chained Linux Kernel Flaws Give Root on Every Major Distribution https://sable.somoswilab.com/blog/drupal-core-rce https://sable.somoswilab.com/api/og?title=CVE-2026-9082%3A+Unauthenticated+SQL+Injection+in+Drupal%7CCore+Lets+Attackers+Execute+Remote+Code+on+PostgreSQL+Sites&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Drupal+patched+a+maximum-severity+SQL+injection+flaw+%28CVE-2026-9082%29+in+SA-CORE-2026-004.+Unauthenticated+attackers+can+exploit+PostgreSQL-backed+sites+for+RCE.+Here%27s+what+defenders+need+to+do+now.&meta=2026-05-21+%C2%B7+6+min CVE-2026-9082: Unauthenticated SQL Injection in Drupal Core Lets Attackers Execute Remote Code on PostgreSQL Sites https://sable.somoswilab.com/blog/exchange-owa-zero-day https://sable.somoswilab.com/api/og?title=Microsoft+Exchange+OWA+Zero-Day%7CCVE-2026-42897+Exploited+via+Crafted+Emails&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=CVE-2026-42897+is+a+CVSS+8.1+reflected+XSS+zero-day+in+Exchange+OWA+actively+exploited+in+the+wild.+On-prem+Exchange+2016%2C+2019%2C+and+SE+are+affected.+Here%27s+what+defenders+need+to+do+now.&meta=2026-05-15+%C2%B7+5+min Microsoft Exchange OWA Zero-Day CVE-2026-42897 Exploited via Crafted Emails https://sable.somoswilab.com/blog/exim-dead-letter https://sable.somoswilab.com/api/og?title=Exim+CVE-2026-45185+%E2%80%94+Unauthenticated+RCE%7Cin+the+World%27s+Most+Deployed+Mail+Server&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=A+use-after-free+vulnerability+in+Exim%27s+BDAT+parsing+%28CVE-2026-45185%2C+aka+Dead.Letter%29+affects+versions+4.97-4.99.2+with+GnuTLS.+Patch+to+4.99.3+immediately.&meta=2026-05-12+%C2%B7+7+min Exim CVE-2026-45185 — Unauthenticated RCE in the World's Most Deployed Mail Server https://sable.somoswilab.com/blog/foster-city-ransomware https://sable.somoswilab.com/api/og?title=Foster+City+Declara+Emergencia%3A%7CRansomware+Paraliza+Toda+una+Ciudad&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Un+ataque+ransomware+paraliz%C3%B3+todos+los+servicios+de+Foster+City%2C+California+en+marzo+2026.+Qu%C3%A9+pas%C3%B3%2C+por+qu%C3%A9+los+gobiernos+locales+son+el+blanco+favorito+y+c%C3%B3mo+proteger+tu+organizaci%C3%B3n.&meta=2026-03-21+%C2%B7+6+min Foster City Declara Emergencia: Ransomware Paraliza Toda una Ciudad https://sable.somoswilab.com/blog/fox-tempest-takedown https://sable.somoswilab.com/api/og?title=Microsoft+Dismantles+Fox+Tempest%3A+The+%249K%7CMalware-Signing+Service+Behind+Ransomware%27s+Trust+Exploit&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Microsoft+took+down+Fox+Tempest%2C+a+malware-signing-as-a-service+that+created+1%2C000%2B+fraudulent+code-signing+certificates+for+ransomware+gangs+like+Qilin%2C+Akira%2C+and+INC.&meta=2026-05-20+%C2%B7+6+min Microsoft Dismantles Fox Tempest: The $9K Malware-Signing Service Behind Ransomware's Trust Exploit https://sable.somoswilab.com/blog/france-id-breach https://sable.somoswilab.com/api/og?title=France%27s+ID+Agency+Breach+Exposes+19%7CMillion+Passport+and+National+ID+Records&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=France+Titres+%28formerly+ANTS%29+confirmed+a+cyberattack+exposing+19M+records+including+passports%2C+national+IDs%2C+and+driver%27s+licenses.+French+prosecutors+linked+the+breach+to+a+15-year-old+hacker.&meta=2026-05-01+%C2%B7+6+min France's ID Agency Breach Exposes 19 Million Passport and National ID Records https://sable.somoswilab.com/blog/free-scan-vs-pentest-startup https://sable.somoswilab.com/api/og?title=Free+Scan+or+Full+Pentest%3F+A+Decision%7CGuide+for+Founders+Shipping+a+Vibe-Coded+MVP&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=You%27re+about+to+launch+a+Cursor+%2F+Lovable+%2F+v0+MVP+and+you%27re+not+sure+whether+a+free+security+scan+is+enough+or+you+actually+need+a+pentest.+Here%27s+the+honest+decision+framework+%E2%80%94+what+each+catches%2C+what+each+misses%2C+and+how+to+tell+which+one+your+launch+needs.&meta=2026-06-01+%C2%B7+10+min Free Scan or Full Pentest? A Decision Guide for Founders Shipping a Vibe-Coded MVP https://sable.somoswilab.com/blog/gitea-container-exposure https://sable.somoswilab.com/api/og?title=Gitea+Container+Registry+Flaw+Left+30%2C000%7CPrivate+Image+Repositories+Wide+Open+for+4+Years&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=CVE-2026-27771+let+anyone+on+the+internet+pull+private+container+images+from+Gitea+with+zero+credentials.+Healthcare%2C+aerospace%2C+and+critical+infrastructure+exposed.+Patch+to+1.26.2+now.&meta=2026-05-27+%C2%B7+7+min Gitea Container Registry Flaw Left 30,000 Private Image Repositories Wide Open for 4 Years https://sable.somoswilab.com/blog/github-actions-supply-chain-2026 https://sable.somoswilab.com/api/og?title=GitHub+Actions+Supply+Chain+in+2026%3A+tj-actions%2C%7CTrivy%2C+Bitwarden%2C+and+the+Year+the+Bots+Showed+Up&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=From+tj-actions%2Fchanged-files+%28CVE-2025-30066%2C+23%2C000+repos%29+to+Trivy+%28hackerbot-claw%2C+March+2026%29+to+Bitwarden+CLI+%28April+2026%29.+Real+cases%2C+IOCs%2C+the+pull_request_target+misconfiguration+that+ties+them+together%2C+and+detection+rules+CI%2FCD+teams+can+deploy+today.&meta=2026-04-30+%C2%B7+8+min GitHub Actions Supply Chain in 2026: tj-actions, Trivy, Bitwarden, and the Year the Bots Showed Up https://sable.somoswilab.com/blog/github-teampcp-breach https://sable.somoswilab.com/api/og?title=TeamPCP+Breaches+GitHub%3A+3%2C800+Internal+Repos%7CExfiltrated+via+Poisoned+VS+Code+Extension&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=The+TeamPCP+hacking+group+exfiltrated+3%2C800%2B+internal+GitHub+repositories+after+an+employee+installed+a+malicious+VS+Code+extension%2C+bypassing+enterprise+security.&meta=2026-05-20+%C2%B7+7+min TeamPCP Breaches GitHub: 3,800 Internal Repos Exfiltrated via Poisoned VS Code Extension https://sable.somoswilab.com/blog/grafana-token-breach https://sable.somoswilab.com/api/og?title=Grafana+GitHub+Token+Theft%3A%7CCodebase+Downloaded%2C+Ransom+Rejected&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Attackers+used+a+stolen+GitHub+token+to+download+Grafana%27s+full+codebase+and+demanded+a+ransom.+Grafana+refused.+Here%27s+what+happened+and+what+it+means+for+your+CI%2FCD+pipeline.&meta=2026-05-17+%C2%B7+6+min Grafana GitHub Token Theft: Codebase Downloaded, Ransom Rejected https://sable.somoswilab.com/blog/how-bola-killed-my-mvp https://sable.somoswilab.com/api/og?title=How+BOLA+killed+my+MVP+%28and+what%7CI+wish+I%27d+done+before+launch%29&mode=article&eyebrow=INDIE+DEV&category=INDIE+DEV&desc=A+founder%27s+first-person+account+of+shipping+a+project+management+SaaS%2C+discovering+a+BOLA+on+day+3%2C+notifying+40+users%2C+and+what+the+%2429+fix+would+have+looked+like+before+launch.&meta=2026-05-10+%C2%B7+8+min How BOLA killed my MVP (and what I wish I'd done before launch) https://sable.somoswilab.com/blog/huggingface-double-cve https://sable.somoswilab.com/api/og?title=Hugging+Face+Double+CVE%3A+TGI+DoS+and%7CLeRobot+RCE+Expose+AI+Infrastructure&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Two+critical+Hugging+Face+vulnerabilities+%E2%80%94+CVE-2026-0599+in+Text+Generation+Inference+and+unauthenticated+RCE+in+LeRobot+%E2%80%94+expose+AI+deployment+pipelines.+Patch+now.&meta=2026-05-13+%C2%B7+8+min Hugging Face Double CVE: TGI DoS and LeRobot RCE Expose AI Infrastructure https://sable.somoswilab.com/blog/huggingface-dual-cve-2026 https://sable.somoswilab.com/api/og?title=Two+Critical+CVEs+Hit+Hugging+Face%3A+TGI+DoS+%28CVE-2026-0599%29%7Cand+LeRobot+Unauthenticated+RCE+%28CVE-2026-25874%29&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Hugging+Face+ecosystem+under+fire%3A+CVE-2026-0599+crashes+TGI+servers+via+unbounded+image+fetching%2C+while+CVE-2026-25874+gives+unauthenticated+RCE+on+LeRobot+via+pickle+deserialization.+Patch+now.&meta=2026-05-11+%C2%B7+9+min Two Critical CVEs Hit Hugging Face: TGI DoS (CVE-2026-0599) and LeRobot Unauthenticated RCE (CVE-2026-25874) https://sable.somoswilab.com/blog/huggingface-malicious-repo https://sable.somoswilab.com/api/og?title=Fake+OpenAI+Repo+on+Hugging+Face+Delivered%7CRust+Infostealer+to+244%2C000+Developers&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=A+typosquatted+OpenAI+repository+reaching+%231+on+Hugging+Face+pushed+malware+to+244K+downloads.+Here%27s+what+developers+need+to+do+now.&meta=2026-05-11+%C2%B7+8+min Fake OpenAI Repo on Hugging Face Delivered Rust Infostealer to 244,000 Developers https://sable.somoswilab.com/blog/intuitive-surgical-breach-phishing-2026 https://sable.somoswilab.com/api/og?title=Breach+Intuitive+Surgical%3A+Un%7CEmail+Comprometi%C3%B3+Datos+M%C3%A9dicos&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Un+breach+por+phishing+comprometi%C3%B3+a+Intuitive+Surgical%2C+fabricante+del+robot+da+Vinci.+Qu%C3%A9+pas%C3%B3%2C+c%C3%B3mo+funcion%C3%B3+el+ataque+y+c%C3%B3mo+proteger+tu+empresa+hoy.&meta=2026-03-20+%C2%B7+4+min Breach Intuitive Surgical: Un Email Comprometió Datos Médicos https://sable.somoswilab.com/blog/itron-utility-breach https://sable.somoswilab.com/api/og?title=Itron+Smart+Meter+Breach%3A+28M%7CUtility+Customers+Exposed+via+API+Flaw&mode=article&eyebrow=BREACH&category=BREACH&desc=A+critical+API+authentication+flaw+in+Itron+smart+meters+exposed+28+million+utility+customer+records.+Attackers+exfiltrated+consumption+data+and+physical+addresses.+Detection+and+mitigation+guidance+for+utility+operators.&meta=2026-04-27+%C2%B7+5+min Itron Smart Meter Breach: 28M Utility Customers Exposed via API Flaw https://sable.somoswilab.com/blog/ivanti-epmm-rce https://sable.somoswilab.com/api/og?title=Ivanti+EPMM+CVE-2026-6973+RCE+Is%7CUnder+Active+Exploit+%E2%80%94+Patch+by+Sunday&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=CISA+added+CVE-2026-6973+to+KEV+with+a+May+10+deadline.+850%2B+Ivanti+EPMM+instances+are+exposed+online.+Here%27s+what+defenders+need+to+do+now.&meta=2026-05-08+%C2%B7+7+min Ivanti EPMM CVE-2026-6973 RCE Is Under Active Exploit — Patch by Sunday https://sable.somoswilab.com/blog/kubernetes-rbac-privilege-escalation-2026 https://sable.somoswilab.com/api/og?title=Kubernetes+RBAC+in+2026%3A+From+nodes%2Fproxy+to%7CAKS+CVE-10.0+%E2%80%94+Three+Real+Paths+to+Cluster-Admin&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Three+documented+Kubernetes+privilege+escalation+paths+from+2026%3A+Graham+Helton%27s+nodes%2Fproxy+%E2%86%92+cluster-wide+RCE+disclosure+%28January%29%2C+CVE-2026-33105+in+Azure+Kubernetes+Service+%28CVSS+10.0%2C+April%29%2C+and+Kyverno%27s+ConfigMap+context+bypass+for+multi-tenant+clusters.+Detection+rules+and+RBAC+patterns+that+prevent+them.&meta=2026-04-30+%C2%B7+7+min Kubernetes RBAC in 2026: From nodes/proxy to AKS CVE-10.0 — Three Real Paths to Cluster-Admin https://sable.somoswilab.com/blog/lazarus-remotepe-rat https://sable.somoswilab.com/api/og?title=North+Korea%27s+Lazarus+Group+Deploys+RemotePE+%E2%80%94%7CA+Memory-Only+RAT+That+Leaves+Zero+Disk+Traces&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=The+Lazarus+Group+is+targeting+financial+and+crypto+firms+with+RemotePE%2C+a+fileless+RAT+that+runs+entirely+in+memory.+No+disk+artifacts%2C+no+traditional+IOCs+%E2%80%94+and+standard+EDR+may+miss+it+entirely.&meta=2026-05-25+%C2%B7+7+min North Korea's Lazarus Group Deploys RemotePE — A Memory-Only RAT That Leaves Zero Disk Traces https://sable.somoswilab.com/blog/lexisnexis-breach https://sable.somoswilab.com/api/og?title=LexisNexis+Hackeada%3A+Jueces+Federales+y+Abogados%7Cdel+DOJ+Expuestos+con+Password+%22Lexis1234%22&mode=article&eyebrow=BREACH&category=BREACH&desc=FulcrumSec+explot%C3%B3+una+vulnerabilidad+React+sin+parchear+y+rob%C3%B3+3.9M+de+registros+de+LexisNexis%2C+incluyendo+datos+de+jueces+federales%2C+fiscales+del+DOJ+y+personal+de+la+SEC.&meta=2026-03-25+%C2%B7+6+min LexisNexis Hackeada: Jueces Federales y Abogados del DOJ Expuestos con Password "Lexis1234" https://sable.somoswilab.com/blog/lmdeploy-ssrf https://sable.somoswilab.com/api/og?title=LMDeploy+SSRF+Vulnerability+Exploited%7CWithin+13+Hours%3A+What+You+Need+to+Know&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=A+critical+SSRF+flaw+in+LMDeploy%27s+vision-language+module+was+exploited+just+12+hours+after+disclosure.+Learn+how+it+works+and+what+to+patch.&meta=2026-04-27+%C2%B7+5 LMDeploy SSRF Vulnerability Exploited Within 13 Hours: What You Need to Know https://sable.somoswilab.com/blog/lovable-api-exposure https://sable.somoswilab.com/api/og?title=Lovable+BOLA%3A+48+Days%2C+Five+API+Calls%2C+Source+Code%7C%2B+Database+Credentials+of+Other+People%27s+Projects&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=A+Broken+Object+Level+Authorization+%28BOLA%29+flaw+in+Lovable%27s+backend+let+any+free-tier+account+read+source+code%2C+Supabase+credentials%2C+and+AI+chat+histories+of+other+users%27+projects.+Disclosed+via+HackerOne+March+3+2026%2C+marked+duplicate%2C+demonstrated+publicly+April+20.+Affects+projects+created+before+November+2025.+Five+API+calls+is+all+it+took.&meta=2026-04-30+%C2%B7+8+min Lovable BOLA: 48 Days, Five API Calls, Source Code + Database Credentials of Other People's Projects https://sable.somoswilab.com/blog/marquis-breach https://sable.somoswilab.com/api/og?title=Marquis%3A+C%C3%B3mo+un+Proveedor+Fintech%7CExpuso+672%2C000+N%C3%BAmeros+de+Seguro+Social&mode=article&eyebrow=BREACH&category=BREACH&desc=Un+ataque+ransomware+a+Marquis%2C+proveedor+fintech+de+cientos+de+bancos+en+Texas%2C+rob%C3%B3+SSNs+y+datos+financieros+de+672%2C075+personas.+La+brecha+silenciosa+que+dur%C3%B3+meses.&meta=2026-03-21+%C2%B7+6+min Marquis: Cómo un Proveedor Fintech Expuso 672,000 Números de Seguro Social https://sable.somoswilab.com/blog/mcp-confused-deputy https://sable.somoswilab.com/api/og?title=The+MCP+Confused+Deputy%3A+Provenance+Gaps%2C+Instruction%7CInjection%2C+and+DNS+Rebinding+in+the+Model+Context+Protocol&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=MCP%27s+tool-result+schema+carries+no+attestable+provenance.+ToolAnnotations+are+advisory%2C+not+security+boundaries.+The+official+fetch+server+pipes+attacker-controlled+content+straight+into+model+context.+Here%27s+the+confused-deputy+chain%2C+the+DNS+rebinding+footgun%2C+and+concrete+detection+rules.&meta=2026-05-25+%C2%B7+8+min The MCP Confused Deputy: Provenance Gaps, Instruction Injection, and DNS Rebinding in the Model Context Protocol https://sable.somoswilab.com/blog/megalodon-github-cdk https://sable.somoswilab.com/api/og?title=Megalodon%3A+How+5%2C561+GitHub%7CRepositories+Got+Backdoored+in+Six+Hours&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=The+Megalodon+campaign+injected+malicious+CI%2FCD+workflows+into+5%2C561+repos+using+forged+bot+identities.+Cloud+credentials%2C+SSH+keys%2C+and+OIDC+tokens+were+harvested+at+scale.+Here%27s+what+happened+and+how+to+protect+your+pipeline.&meta=2026-05-24+%C2%B7+7+min Megalodon: How 5,561 GitHub Repositories Got Backdoored in Six Hours https://sable.somoswilab.com/blog/microsoft-patch-tuesday-may-2026 https://sable.somoswilab.com/api/og?title=Microsoft+Patches+138+Vulnerabilities%3A%7CNetlogon+and+DNS+RCE+Flaws+Lead+May+Update&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Microsoft%27s+May+2026+Patch+Tuesday+fixes+138+CVEs+including+two+CVSS+9.8+RCE+flaws+in+Windows+Netlogon+and+DNS+Client.+Domain+controllers+are+the+priority+target.&meta=2026-05-13+%C2%B7+7+min Microsoft Patches 138 Vulnerabilities: Netlogon and DNS RCE Flaws Lead May Update https://sable.somoswilab.com/blog/mini-shai-hulud-npm https://sable.somoswilab.com/api/og?title=Mini+Shai-Hulud+Worm+Hits+172+npm+Packages+%E2%80%94%7CIncluding+TanStack%2C+Mistral+AI%2C+and+Guardrails+AI&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=The+self-spreading+npm+worm+Mini+Shai-Hulud+compromised+172%2B+packages+across+npm+and+PyPI%2C+targeting+CI%2FCD+secrets.+TeamPCP+is+behind+the+attack.&meta=2026-05-12+%C2%B7+7+min Mini Shai-Hulud Worm Hits 172 npm Packages — Including TanStack, Mistral AI, and Guardrails AI https://sable.somoswilab.com/blog/minifast-seo-iran https://sable.somoswilab.com/api/og?title=Iran%27s+Nimbus+Manticore+Deploys+AI-Assisted%7CMiniFast+Backdoor+via+Phishing+and+SEO+Poisoning&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Iranian+state-sponsored+APT+Nimbus+Manticore+is+using+AI-coded+malware%2C+phishing%2C+and+SEO+poisoning+to+target+aviation+and+software+firms+across+the+US%2C+Europe%2C+and+Middle+East.&meta=2026-05-26+%C2%B7+6+min Iran's Nimbus Manticore Deploys AI-Assisted MiniFast Backdoor via Phishing and SEO Poisoning https://sable.somoswilab.com/blog/navia-breach https://sable.somoswilab.com/api/og?title=Navia+Benefit+Solutions%3A+2.7+Millones%7Cde+Registros+de+Salud+Robados+en+Silencio&mode=article&eyebrow=BREACH&category=BREACH&desc=Hackers+accedieron+a+Navia+durante+24+d%C3%ADas+%28dic+2025+-+ene+2026%29+robando+SSNs+y+datos+de+salud+de+2.7M+personas.+El+Estado+de+Washington+entre+las+v%C3%ADctimas.&meta=2026-03-21+%C2%B7+6+min Navia Benefit Solutions: 2.7 Millones de Registros de Salud Robados en Silencio https://sable.somoswilab.com/blog/nextjs-api-security-vulnerabilities https://sable.somoswilab.com/api/og?title=Next.js+API+Security+Vulnerabilities%3A%7CThe+10+Most+Common+Findings+%282026%29&mode=article&eyebrow=PENTEST+101&category=PENTEST+101&desc=The+10+most+common+Next.js+API+bugs+in+startup+pentests%3A+missing+auth%2C+BOLA%2C+exposed+env+vars%2C+CSRF.+Code+examples+and+fixes+to+ship+before+launch.&meta=2026-05-06+%C2%B7+12+min Next.js API Security Vulnerabilities: The 10 Most Common Findings (2026) https://sable.somoswilab.com/blog/nginx-rce-rift https://sable.somoswilab.com/api/og?title=NGINX+Rift%3A+CVE-2026-42945+%E2%80%94+An+18-Year-Old%7CHeap+Overflow+Now+Under+Active+Exploitation&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=A+critical+18-year-old+heap+buffer+overflow+in+NGINX%27s+rewrite+module+%28CVE-2026-42945%2C+CVSS+9.2%29+is+being+actively+exploited+in+the+wild.+PoC+is+public.+Here%27s+what+every+NGINX+operator+needs+to+know.&meta=2026-05-26+%C2%B7+7+min NGINX Rift: CVE-2026-42945 — An 18-Year-Old Heap Overflow Now Under Active Exploitation https://sable.somoswilab.com/blog/nginx-rift https://sable.somoswilab.com/api/og?title=NGINX+Rift%3A+18-Year-Old+Heap+Overflow%7CLets+Attackers+Hijack+One-Third+of+the+Web&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=CVE-2026-42945+is+a+heap+buffer+overflow+in+NGINX%27s+rewrite+module+hiding+since+2008.+CVSS+9.2%2C+unauthenticated+RCE%2C+PoC+public.+Here%27s+what+defenders+need+to+do+now.&meta=2026-05-14+%C2%B7+6+min NGINX Rift: 18-Year-Old Heap Overflow Lets Attackers Hijack One-Third of the Web https://sable.somoswilab.com/blog/nx-console-supply-chain https://sable.somoswilab.com/api/og?title=Nx+Console+18.95.0%3A+How+a+2.2M-Install+VS%7CCode+Extension+Became+a+Credential+Stealer&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=A+malicious+update+to+the+popular+Nx+Console+VS+Code+extension+targeted+2.2M%2B+developers%2C+injecting+a+498+KB+obfuscated+payload+to+steal+cloud+and+CI%2FCD+credentials.&meta=2026-05-20+%C2%B7+6+min Nx Console 18.95.0: How a 2.2M-Install VS Code Extension Became a Credential Stealer https://sable.somoswilab.com/blog/ollama-rce-model-loading-2026 https://sable.somoswilab.com/api/og?title=Ollama+Model+Loading+RCE%3A+Three+Years+of+the%7CSame+Bug+Class%2C+One+Self-Hosted+LLM+Runtime&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=From+CVE-2024-37032+%27Probllama%27+%28Wiz%2C+2024+path+traversal%29+to+the+Out-Of-Bounds+Write+in+MLLAMA+parsing+%28all+versions+before+0.7.0%29+to+ZipSlip+in+server%2Fmodel.go.+Why+Ollama+keeps+shipping+RCEs+at+the+model-load+boundary%2C+and+what+to+do+if+you+self-host.&meta=2026-04-27+%C2%B7+6+min Ollama Model Loading RCE: Three Years of the Same Bug Class, One Self-Hosted LLM Runtime https://sable.somoswilab.com/blog/openclaw-claw-chain https://sable.somoswilab.com/api/og?title=Claw+Chain%3A+Four+OpenClaw+Vulnerabilities%7CExpose+245%2C000+AI+Agent+Servers+to+Data+Theft&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Researchers+at+Cyera+discovered+four+chainable+OpenClaw+vulnerabilities+enabling+data+theft%2C+privilege+escalation%2C+and+persistence.+245%2C000+public+instances+are+exposed.+Here%27s+what+you+need+to+do.&meta=2026-05-15+%C2%B7+6+min Claw Chain: Four OpenClaw Vulnerabilities Expose 245,000 AI Agent Servers to Data Theft https://sable.somoswilab.com/blog/p3-crime-stoppers https://sable.somoswilab.com/api/og?title=BlueLeaks+2.0%3A+Hackers+Exponen+8.3%7CMillones+de+Tips+An%C3%B3nimos+a+la+Polic%C3%ADa&mode=article&eyebrow=BREACH&category=BREACH&desc=Un+hacktivist+rob%C3%B3+93+GB+de+P3+Global+Intel+%E2%80%94+la+plataforma+de+tips+de+Crime+Stoppers+%E2%80%94+exponiendo+casi+4+d%C3%A9cadas+de+informantes+%27an%C3%B3nimos%27.+Nombres%2C+datos%2C+todo.&meta=2026-03-22+%C2%B7+7+min BlueLeaks 2.0: Hackers Exponen 8.3 Millones de Tips Anónimos a la Policía https://sable.somoswilab.com/blog/pay2key-iran-ransomware https://sable.somoswilab.com/api/og?title=Pay2Key+Regresa%3A+El+Ransomware%7CIran%C3%AD+Que+Paga+el+80%25+a+Sus+Afiliados&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=El+grupo+ransomware+iran%C3%AD+Pay2Key+vuelve+despu%C3%A9s+de+5+a%C3%B1os+con+un+modelo+RaaS+m%C3%A1s+agresivo%2C+80%25+de+ganancias+para+atacantes+y+foco+en+EEUU+e+Israel.+Todo+lo+que+necesitas+saber.&meta=2026-03-24+%C2%B7+7+min Pay2Key Regresa: El Ransomware Iraní Que Paga el 80% a Sus Afiliados https://sable.somoswilab.com/blog/penetration-testing-startups-guide https://sable.somoswilab.com/api/og?title=Penetration+Testing+for+Startups+in%7C2026%3A+The+Complete+Founder%27s+Guide&mode=article&eyebrow=PENTEST+101&category=PENTEST+101&desc=What+a+pentest+is%2C+what+it+costs%2C+and+the+3-phase+plan+indie+devs+use+before+launch.+Skip+the+%245K+consultant+%E2%80%94+start+with+Sable%27s+free+scan+instead.&meta=2026-05-06+%C2%B7+15+min Penetration Testing for Startups in 2026: The Complete Founder's Guide https://sable.somoswilab.com/blog/praisonai-auth-bypass https://sable.somoswilab.com/api/og?title=PraisonAI+Auth+Bypass+Was+Scanned+4+Hours+After%7CDisclosure+%E2%80%94+And+It%27s+an+AI+Agent+Framework&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=CVE-2026-44338+in+PraisonAI+ships+auth+disabled+by+default.+Scanners+hit+exposed+instances+within+4+hours+of+disclosure.+Here%27s+why+AI+agent+frameworks+are+the+new+attack+surface.&meta=2026-05-14+%C2%B7+6+min PraisonAI Auth Bypass Was Scanned 4 Hours After Disclosure — And It's an AI Agent Framework https://sable.somoswilab.com/blog/pre-launch-security-checklist https://sable.somoswilab.com/api/og?title=The+8-item+security+checklist%7Cno+one+tells+indie+devs&mode=article&eyebrow=PRE-LAUNCH&category=PRE-LAUNCH&desc=Eight+security+checks+%E2%80%94+with+curl+commands+and+code+fixes+%E2%80%94+that+every+indie+dev+should+run+before+launch.+Auth%2C+BOLA%2C+CSP%2C+CORS%2C+rate-limiting%2C+JWT%2C+secrets%2C+admin+endpoints.&meta=2026-05-09+%C2%B7+10+min The 8-item security checklist no one tells indie devs https://sable.somoswilab.com/blog/que-es-pentesting https://sable.somoswilab.com/api/og?title=%C2%BFQu%C3%A9+es+el+Pentesting%3F+Gu%C3%ADa%7CCompleta+2026+para+Startups&mode=article&eyebrow=PENTEST+101&category=PENTEST+101&desc=El+pentesting+explicado+para+devs%3A+las+3+fases+y+c%C3%B3mo+hacer+un+check+antes+del+launch.+Empieza+gratis+con+Sable+en+tu+terminal+ahora.&meta=2026-05-06+%C2%B7+8+min ¿Qué es el Pentesting? Guía Completa 2026 para Startups https://sable.somoswilab.com/blog/sharepoint-rce-2026 https://sable.somoswilab.com/api/og?title=CVE-2026-45659%3A+SharePoint+RCE+Flaw+Lets%7CAny+Site+Member+Execute+Code+Remotely&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Microsoft+patched+a+CVSS+8.8+deserialization+RCE+in+SharePoint+Server.+Any+authenticated+Site+Member+can+trigger+it+%E2%80%94+no+admin+rights+needed.+Patch+immediately.&meta=2026-05-26+%C2%B7+6+min CVE-2026-45659: SharePoint RCE Flaw Lets Any Site Member Execute Code Remotely https://sable.somoswilab.com/blog/startup-security-audit-checklist https://sable.somoswilab.com/api/og?title=Startup+Security+Audit+Checklist%7C2026%3A+50+Checks+Before+You+Ship&mode=article&eyebrow=PENTEST+101&category=PENTEST+101&desc=50+actionable+checks+%E2%80%94+auth%2C+BOLA%2C+secrets%2C+headers%2C+deps+%E2%80%94+before+your+Product+Hunt+launch.+Use+Sable%27s+free+scan+to+automate+the+ones+that+matter.&meta=2026-05-06+%C2%B7+14+min Startup Security Audit Checklist 2026: 50 Checks Before You Ship https://sable.somoswilab.com/blog/supabase-security-checklist https://sable.somoswilab.com/api/og?title=Supabase+Security+Checklist+2026%3A%7C15+Checks+Esenciales+para+Producci%C3%B3n&mode=article&eyebrow=PENTEST+101&category=PENTEST+101&desc=La+lista+de+seguridad+para+Supabase+en+prod%3A+RLS%2C+service_role+key%2C+storage+y+los+15+errores+m%C3%A1s+comunes.+Sable+los+detecta+en+un+scan+pre-launch.&meta=2026-05-06+%C2%B7+10+min Supabase Security Checklist 2026: 15 Checks Esenciales para Producción https://sable.somoswilab.com/blog/telus-breach https://sable.somoswilab.com/api/og?title=Telus+Digital%3A+ShinyHunters%7Crob%C3%B3+1PB+y+exigi%C3%B3+%2465M&mode=article&eyebrow=BREACH&category=BREACH&desc=ShinyHunters+rob%C3%B3+1+petabyte+de+Telus+Digital+en+marzo+2026+con+credenciales+GCP+robadas.+Qu%C3%A9+pas%C3%B3+y+c%C3%B3mo+proteger+tu+empresa+ahora.&meta=2026-03-17+%C2%B7+5+min Telus Digital: ShinyHunters robó 1PB y exigió $65M https://sable.somoswilab.com/blog/trapdoor-supply-chain https://sable.somoswilab.com/api/og?title=TrapDoor%3A+34%2B+Malicious+Packages+Hit+npm%2C+PyPI%2C%7Cand+Crates.io+in+Coordinated+Supply+Chain+Attack&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=A+cross-ecosystem+supply+chain+campaign+deployed+34%2B+malicious+packages+and+384%2B+versions+across+npm%2C+PyPI%2C+and+Crates.io+to+steal+developer+credentials+and+crypto+wallets.+Here%27s+what+you+need+to+know.&meta=2026-05-26+%C2%B7+7+min TrapDoor: 34+ Malicious Packages Hit npm, PyPI, and Crates.io in Coordinated Supply Chain Attack https://sable.somoswilab.com/blog/trivy-attack https://sable.somoswilab.com/api/og?title=Trivy+Comprometido%3A+La+Herramienta+que+Escanea%7Ctus+Vulnerabilidades+Ahora+Roba+tus+Credenciales&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Un+ataque+a+la+cadena+de+suministro+comprometi%C3%B3+Trivy%2C+el+scanner+de+seguridad+open-source+m%C3%A1s+usado+en+DevSecOps.+75+tags+de+GitHub+secuestrados%2C+Docker+images+maliciosas%2C+worm+y+Kubernetes+wiper.&meta=2026-03-23+%C2%B7+6+min Trivy Comprometido: La Herramienta que Escanea tus Vulnerabilidades Ahora Roba tus Credenciales https://sable.somoswilab.com/blog/turla-kazuar-p2p https://sable.somoswilab.com/api/og?title=Turla+Upgrades+Kazuar+Backdoor%7CInto+Modular+P2P+Botnet&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Russian+APT+Turla+transformed+its+Kazuar+backdoor+into+a+modular+P2P+botnet+for+persistent+government+access.+Microsoft%2C+Palo+Alto%2C+and+BleepingComputer+all+tracked+the+evolution.&meta=2026-05-17+%C2%B7+7+min Turla Upgrades Kazuar Backdoor Into Modular P2P Botnet https://sable.somoswilab.com/blog/windows-ntlm-leak https://sable.somoswilab.com/api/og?title=CVE-2026-32202%3A+APT28+Exploits+Incomplete%7CWindows+Patch+to+Steal+NTLM+Hashes+Zero-Click&mode=article&eyebrow=SABLE+BLOG&category=SABLE+BLOG&desc=Microsoft+confirmed+active+exploitation+of+CVE-2026-32202%2C+a+Windows+Shell+spoofing+flaw+leaking+NTLM+hashes+via+malicious+LNK+files.+CISA+set+a+May+12+patch+deadline.&meta=2026-05-06+%C2%B7+6+min CVE-2026-32202: APT28 Exploits Incomplete Windows Patch to Steal NTLM Hashes Zero-Click https://sable.somoswilab.com/research/chrome-zero-days https://sable.somoswilab.com/api/og?title=Chrome+Zero+Days&mode=cve&eyebrow=SABLE+RESEARCH&category=RESEARCH Chrome Zero Days https://sable.somoswilab.com/research/cisco-fmc https://sable.somoswilab.com/api/og?title=Cisco+Fmc&mode=cve&eyebrow=SABLE+RESEARCH&category=RESEARCH Cisco Fmc https://sable.somoswilab.com/research/crunchyroll-breach https://sable.somoswilab.com/api/og?title=Crunchyroll+Breach&mode=cve&eyebrow=SABLE+RESEARCH&category=RESEARCH Crunchyroll Breach https://sable.somoswilab.com/research/cve-2026-21262 https://sable.somoswilab.com/api/og?title=CVE+2026+21262&mode=cve&eyebrow=SABLE+RESEARCH&category=RESEARCH CVE 2026 21262 https://sable.somoswilab.com/research/darksword https://sable.somoswilab.com/api/og?title=Darksword&mode=cve&eyebrow=SABLE+RESEARCH&category=RESEARCH Darksword https://sable.somoswilab.com/research/medtech-attacks https://sable.somoswilab.com/api/og?title=Medtech+Attacks&mode=cve&eyebrow=SABLE+RESEARCH&category=RESEARCH Medtech Attacks https://sable.somoswilab.com/research/moltbot https://sable.somoswilab.com/api/og?title=Moltbot&mode=cve&eyebrow=SABLE+RESEARCH&category=RESEARCH Moltbot https://sable.somoswilab.com/research/openclaw https://sable.somoswilab.com/api/og?title=Openclaw&mode=cve&eyebrow=SABLE+RESEARCH&category=RESEARCH Openclaw https://sable.somoswilab.com/research/startup-vulnerabilities https://sable.somoswilab.com/api/og?title=Startup+Vulnerabilities&mode=cve&eyebrow=SABLE+RESEARCH&category=RESEARCH Startup Vulnerabilities https://sable.somoswilab.com/research/vllm-rce https://sable.somoswilab.com/api/og?title=Vllm+Rce&mode=cve&eyebrow=SABLE+RESEARCH&category=RESEARCH Vllm Rce https://sable.somoswilab.com/research/woundtech https://sable.somoswilab.com/api/og?title=Woundtech&mode=cve&eyebrow=SABLE+RESEARCH&category=RESEARCH Woundtech