GlassWorm Force-Push Attacks and AI Secret Surges [Prime Cyber Insights]

This briefing examines a massive 81% surge in AI-service secret leaks reported by GitGuardian, alongside the emergence of the ForceMemo campaign. This new offshoot of the GlassWorm malware leverages stolen GitHub tokens to force-push malicious code into Python repositories, bypassing standard pull request trails. We also analyze CISA's addition of a Wing FTP vulnerability to the Known Exploited Vulnerabilities catalog and a sophisticated SEO poisoning campaign delivering the Hyrax infostealer via spoofed VPN installers. These incidents highlight a critical shift in supply chain threats, where attackers are now manipulating repository history and leveraging malicious extensions for development environments like VS Code to gain initial access.

In this episode of Prime Cyber Insights, we break down the latest GitGuardian research showing that 29 million secrets were leaked on public GitHub last year, with a specific focus on the vulnerability of AI-service credentials. We transition into the technical mechanics of the GlassWorm 'ForceMemo' campaign, which uses compromised developer credentials to rewrite Git history and inject malware into Python projects. The briefing also covers CISA’s latest KEV update regarding Wing FTP and a warning from Malwarebytes about SEO poisoning attacks targeting remote workers seeking VPN clients. Practitioners will find actionable insights on repository integrity and the risks of transitive distribution models in the npm ecosystem.

Topics Covered

  • ⚠️ GlassWorm Force-Push Injections: How attackers are rewriting Git history to inject malware without leaving a pull request trail.
  • 🔒 AI Secret Leak Surge: Analysis of the 81% increase in exposed credentials for AI services on public repositories.
  • 🌐 Wing FTP Vulnerability: CISA flags CVE-2025-47813 for active exploitation facilitating remote code execution.
  • 🚨 Hyrax Infostealer via SEO: How search engine poisoning is being used to deliver credential stealers through fake VPN installers.
  • 🛡️ Supply Chain Resilience: Evaluating the impact of malicious VS Code and Cursor extensions on developer security.

Note: This podcast is for informational purposes only and does not constitute professional security or legal advice.

Neural Newscast is AI-assisted, human reviewed. View our AI Transparency Policy at NeuralNewscast.com.

  • (00:11) - Introduction
  • (00:40) - Conclusion
  • (00:40) - Wing FTP and VPN Phishing Threats