Discovering the latest attacks and providing defensive measures to keep organizations safe

Security briefing: May 2026

AI agent at the wheel: How an attacker used LLMs to move from a CVE to an internal database in 4 pivots

The expendable extension name: Azure VMAccess naming chaos, password resets, and a detection gap

In early April, the Sysdig Threat Research Team (TRT) identified a detection flaw in the process for Azure VM password resets and VMAccess naming. This flaw allows attackers to assign any name to Azure VM extensions, giving them the ability to obtain read/write access, change passwords, and persist in the victim environment without being detected. Additionally, the Sysdig TRT found that the telemetry documented by the Azure Threat Matrix for this detection did not fire when the event was triggered.

NATS-as-C2: Inside a new technique attackers are using to harvest cloud credentials and AI API keys

Sysdig Threat Research Team (TRT) has identified what appears to be the first published case of a threat actor using a NATS server as command-and-control (C2) infrastructure — a technique dubbed “NATS-as-C2.” Discovered during an investigation into exploitation of CVE-2026-33017 in Langflow, the operation used cloud-native messaging infrastructure, including pub/sub orchestration and durable task queues, to coordinate a distributed credential-hunting worker pool targeting AWS and AI credentials.

CVE-2026-44338: PraisonAI authentication bypass in under 4 hours and the growing trend of rapid exploitation

Dirty Frag (CVE-2026-43284 and CVE-2026-43500): Detecting unpatched local privilege escalation via Linux Kernel ESP and RxRPC

CVE-2026-31431: “Copy Fail” Linux kernel flaw lets local users gain root in seconds

CVE-2026-42208: Targeted SQL injection against LiteLLM's authentication path discovered 36 hours following vulnerability disclosure

CVE-2026-39987 update: How attackers weaponized marimo to deploy a blockchain botnet via HuggingFace

Marimo OSS Python Notebook RCE: From Disclosure to Exploitation in Under 10 Hours

On April 8, 2026, a critical vulnerability was disclosed in marimo, an open-source reactive Python notebook platform. Currently being tracked as GHSA-2679-6mx9-h9xc, it is a pre-authentication remote code execution (RCE) vulnerability in the terminal WebSocket endpoint that allows attackers to obtain a full interactive shell on any exposed marimo instance through a single WebSocket connection – no credentials required. At the time of this writing, a CVE number has yet to be assigned.