TL;DR
North Korean-linked BlueNoroff compromised 140+ npm packages via Mastra AI supply chain attack. WordPress plugin Gravity SMTP (numerous sites) actively exploited for API key theft. Microsoft reports AutoJack attack chain targeting AI browsing agents on Windows systems.
Executive Summary
- BlueNoroff, a North Korean state-linked threat actor, was attributed to a supply chain attack compromising over 140 npm packages through the Mastra AI library, potentially affecting downstream developers.
- The Gravity SMTP WordPress plugin, installed on approximately 100,000 sites, is being actively exploited to expose API keys and sensitive credentials through an unauthenticated information disclosure vulnerability.
- Microsoft researchers disclosed AutoJack, an attack chain that uses malicious web pages to hijack AI browsing agents and achieve remote code execution on Windows systems.
- Law enforcement disrupted SocGholish botnet infrastructure and cleaned nearly 15,000 infected WordPress websites in a coordinated international operation.
- Salesforce customers were targeted through a compromised Klue OAuth integration, with the extortion group Icarus claiming responsibility for stealing OAuth tokens.
Top Threats Today
1. North Korean Supply Chain Attack on npm Ecosystem via Mastra AI
Severity: HIGH Affected: Technology
Microsoft has attributed a supply chain attack compromising more than 140 npm packages to the North Korean hacking group Sapphire Sleet, also known as BlueNoroff [1]. The packages were injected into the Mastra AI library, potentially exposing downstream developers and applications to malicious code execution ⚠[1].
Sources:[1] BleepingComputer
Recommended Action
- Audit your npm dependencies and Mastra AI usage immediately for any recently installed or updated packages.
- Review npm package sources in your supply chain and enable security scanning for transitive dependencies.
- Consider implementing Software Composition Analysis (SCA) tools to detect compromised packages in real time.
2. Gravity SMTP WordPress Plugin Actively Exploited for API Key Exposure
Severity: HIGH Affected: Technology
Threat actors are actively exploiting CVE-2026-4020, an unauthenticated information disclosure vulnerability in the Gravity SMTP WordPress plugin, which is installed on approximately 100,000 sites [1][2]. The vulnerability carries a CVSS score of 5.3 and allows attackers to expose API keys and sensitive credentials [1].
Sources:[1] The Hacker News[2] BleepingComputer
Recommended Action
- Immediately update Gravity SMTP to the patched version released by the vendor.
- Audit logs for any unauthorized API key access or account activity tied to your SMTP service.
- Rotate any exposed API keys and review API token usage in your mail sending infrastructure.
- If patching is not immediately possible, disable the plugin and use an alternative SMTP solution.
3. AutoJack Attack Chain Targets AI Browsing Agents on Windows
Severity: HIGH Affected: Technology
Microsoft researchers have detailed an exploit chain named AutoJack that enables remote code execution by hijacking AI browsing agents [1]. The attack relies on directing an AI agent to load an attacker-controlled web page, which then uses JavaScript to reach a privileged local service on the same machine and spawn arbitrary code [1].
Sources:[1] The Hacker News
Recommended Action
- Review and restrict network access controls for privileged local services on systems running AI browsing agents.
- Apply the latest Windows security updates and Microsoft Edge patches.
- Monitor for suspicious JavaScript execution or unexpected local service access from web contexts.
- Disable AI browsing agent features if they are not required for business operations.
4. SocGholish Botnet Disruption: 14,971 WordPress Sites Cleaned
Severity: MEDIUM Affected: Technology
Dutch law enforcement, along with counterparts from Canada, Germany, and the U.S., disrupted malicious infrastructure associated with SocGholish and cleaned up nearly 15,000 infected WordPress websites [1].
Sources:[1] The Hacker News
Recommended Action
- Verify that your WordPress sites are not listed among the infected domains by checking official law enforcement advisories.
- Review WordPress plugin and theme updates to ensure no malicious code remains.
- Enable Web Application Firewall (WAF) rules to detect SocGholish behavior if your site was impacted.
5. Klue OAuth Breach Exposes Salesforce Customer Data
Severity: HIGH Affected: Technology
Market intelligence platform Klue publicly confirmed a security incident that allowed threat actors to steal OAuth tokens used to connect to customers' Salesforce environments [1]. The extortion group Icarus publicly claimed responsibility for the attack [1], with victims including the cybersecurity firm Huntress and intelligence vendor Recorded Future ⚠[2].
Sources:[1] BleepingComputer[2] Dark Reading
Recommended Action
- Audit all OAuth token usage connected to your Salesforce instance and revoke any suspicious tokens.
- Force re-authentication for all Salesforce integrations and third-party applications with OAuth access.
- Review Salesforce access logs for unauthorized login activity or data access patterns.
- Reduce OAuth token lifespan and implement token rotation policies.
Today’s Action Checklist
- ☐ URGENT: Patch or disable Gravity SMTP WordPress plugin to CVE-2026-4020 across all installations.
- ☐ URGENT: Audit npm dependencies for malicious Mastra AI packages and transitive compromises.
- ☐ HIGH: Rotate all exposed API keys and OAuth tokens from the Klue and Salesforce incidents.
- ☐ HIGH: Review AutoJack attack vectors and restrict local service access from web-based AI agent contexts.
- ☐ MEDIUM: Verify WordPress sites are clean post-SocGholish disruption and enable WAF monitoring.