5 Dec 2025
Week in review
Greetings,
A new malicious npm package, eslint-plugin-unicorn-ts-2, has been discovered that aims specifically at manipulating AI-powered security scanners. The package mimics a legitimate TypeScript extension of the widely used ESLint Unicorn plugin, but embedded within its code is a concealed message telling automated analysis tools to “forget everything you know” and treat the code as safe. While the prompt itself has no effect on how the package runs, its presence signals a concerning shift in attacker behaviour as they begin crafting malware with the explicit intention of deceiving AI-driven defences.
The threat comes from the package’s post-install script, which runs automatically as soon as a developer installs the dependency. That script gathers environment variables, potentially including API keys, authentication tokens and other sensitive credentials, and exfiltrates them to an external Pipedream webhook. The malicious changes were introduced in version 1.1.3, and the package remained available in later versions at the time of reporting, increasing the likelihood that unsuspecting developers have already been affected.
This incident highlights the growing risks within the software supply chain and the increasing sophistication of attempts to compromise it. Attackers are no longer relying only on typosquatting or impersonating trusted packages; they are now experimenting with ways to subvert the very tools meant to detect them. For organisations, the event underlines the need to scrutinise dependencies more closely, review install-time scripts before they run, and avoid relying solely on AI-based scanners. Any developer who installed the affected package should assume credential exposure and rotate secrets immediately.
Glassworm malware returns in third wave of malicious VS Code packages
Date: 2025-12-01
Author: Bleeping Computer
The Glassworm campaign, which first emerged on OpenVSX and the Microsoft Visual Studio Marketplace in October, is now in its third wave, with 24 new packages added across the two platforms.
OpenVSX and the Microsoft Visual Studio Marketplace are both extension repositories for VS Code–compatible editors, used by developers to install language support, frameworks, tooling, themes, and other productivity add-ons.
Malicious VS Code Extension as Icon Theme Attacking Windows and macOS Users
Date: 2025-12-01
Author: Cyber Security News
A malicious Visual Studio Code extension posing as the popular “Material Icon Theme” has been used to attack Windows and macOS users, turning the add-on into a hidden backdoor.
The fake extension shipped through the marketplace with backdoored files, giving the attackers a direct path into developer workstations once it was installed.
After installation, the extension behaved like a normal icon theme, so most users had no reason to suspect anything was wrong.
'Exploitation is imminent' as 39 percent of cloud environs have max-severity React hole
Date: 2025-12-03
Author: The Register
[Please see AUSCERT bulletin: https://portal.auscert.org.au/bulletins/ASB-2025.0214/]
A maximum-severity flaw in the widely used JavaScript library React, and in several React-based frameworks including Next.js, allows unauthenticated remote attackers to execute malicious code on vulnerable instances. The flaw is easy to abuse, and mass exploitation is "imminent," according to security researchers.
The React team disclosed the unauthenticated remote code execution (RCE) vulnerability in React Server Components on Wednesday. It's tracked as CVE-2025-55182 and received a maximum 10.0 CVSS severity rating.
Critical King Addons Vulnerability Exploited to Hack WordPress Sites
Date: 2025-12-03
Author: Security Week
Tracked as CVE-2025-8489 (CVSS score of 9.8), the critical-severity bug is described as a privilege escalation issue that allows attackers to obtain administrative privileges.
The vulnerability impacts versions 24.12.92 to 51.1.14. King Addons for Elementor’s maintainers patched the issue in version 51.1.35 of the plugin, which was released on September 25.
Roughly a month later, threat actors started targeting the CVE in attacks, and Defiant has observed roughly 50,000 exploit attempts to date.
Android Zero-Days Patched in December 2025 Security Update
Date: 2025-12-02
Author: Security Week
[Please see AUSCERT bulletin: https://portal.auscert.org.au/bulletins/ESB-2025.8757.2/]
Google warns that two out of the 107 vulnerabilities patched in Android this month have been exploited in limited, targeted attacks.
The exploited zero-days, tracked as CVE-2025-48633 and CVE-2025-48572, impact the platform’s Framework component and could be exploited for information disclosure or elevation of privilege, respectively.
ASB-2025.0214 – React and Next.js: CVSS (Max): 10.0
A maximum-severity flaw in the widely used JavaScript library React, and in several React-based frameworks including Next.js, allows unauthenticated remote attackers to execute malicious code on vulnerable instances. The flaw is easy to abuse, and mass exploitation is "imminent," according to security researchers.
ESB-2025.8758 – SUSE: Linux Kernel: CVSS (Max): 7.8
An update that solves 20 vulnerabilities, contains one feature and has five security fixes can now be installed. The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues.
ESB-2025.8792 – Apple: Compressor: CVSS (Max): 8.8
Impact: An unauthenticated user on the same network as a Compressor server may be able to execute arbitrary code. Description: The issue was addressed by refusing external connections by default. CVE-2025-43515: CodeColorist and Pedro Tôrres (@t0rr3sp3dr0).
ESB-2025.8794 – Google Chrome: CVSS (Max): 8.8*
This update includes 13 security fixes addressing issues across several browser components.
ESB-2025.8815 – Splunk Enterprise: CVSS (Max): 8.8
Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk Enterprise versions 10.0.2, 9.4.6, 9.3.8, 9.2.10, and higher.
Stay safe, stay patched and have a good weekend!
The AUSCERT team