Three unrelated campaigns hit three different package ecosystems today with the same playbook: fake or hijacked SDKs quietly exfiltrating wallet keys and payment-card data. Socket and Aikido caught a compromised Injective SDK on npm spreading a wallet-key stealer into 17 downstream packages, Socket separately flagged a typosquatted Braintree package on NuGet skimming live card numbers, and a 222-repo GitHub network staged Windows malware behind a malicious Go module — three ecosystems, one shape.
The rest of the day belonged to repeat offenders and single-vendor teardowns. YesWiki absorbed 13 advisories in one hour, including two independent paths to RCE and an unauthenticated bug that lets anyone delete arbitrary wiki pages; DSpace's path-traversal disclosure from this morning turned out to chain into Velocity-template RCE, its fourth advisory in two days; and NL Portal picked up a fourth authorization gap this month, this time letting any user tamper with someone else's task. Two AI coding-agent tools, Joro and Serena, disclosed the identical shape of bug — an unauthenticated localhost dashboard reachable from a browser tab, escalating to code execution — worth a specific look if agentic dev tools run unattended on your machine.
The bright spot: npm 12 ships with install scripts disabled by default, closing the postinstall-hook vector behind most of this year's npm campaigns, including today's Injective SDK compromise. Late escalation at 21:00 ET: a GHSA batch published after the evening synthesis locked adds three more high-severity items — Tesla's FollowRedirects middleware leaks the Authorization header on cross-origin redirects via a case-sensitivity bypass, Mint's HTTP/2 stack has no cap on PUSH_PROMISE or CONTINUATION-frame accumulation (memory-exhaustion DoS), and Mistune picked up a quadratic-time DoS in its Markdown link-text scanner. None of these are under active exploitation — this reads as disclosure hygiene from an Elixir HTTP-client audit round, not a new campaign — but Tesla and Mint sit underneath a lot of Elixir services that follow redirects or parse HTTP/2 from untrusted origins.
→ Operational priority for the night pull the latest YesWiki release wholesale rather than patching the 13 advisories piecemeal, check whether any AI coding agent on your machine — Joro, Serena, or similar — exposes an unauthenticated local dashboard before you leave it running overnight, and if you run Tesla or Mint in production, patch past 1.18.3 / 1.9.0 before your next deploy.