A roundup of 89 items curated from across the security community.

News

Pro-Iran hackers hijacked high-profile Instagram accounts, including the Obama White House, by tricking Meta’s AI support bot into resetting passwords with a spoofed hometown IP.

Dutch police and the NCSC dismantled a 17-million-device botnet operating on 200 servers seized from a local hosting provider.

Multiple @redhat-cloud-services npm packages ship malicious preinstall hooks from a compromised GitHub Actions OIDC pipeline; the hooks target cloud tokens and /proc/mem secrets and persist through Claude Code and VS Code injection.

Sonatype maps four npm campaigns running across May and June, including a 176-package set built to beat internal dependency checks, with IOCs and detection notes.

A remote DoS across nginx, Apache, IIS, Envoy, and Cloudflare Pingora: one client pins 32GB of server memory in about 10 seconds. Found by Codex, with no patch at disclosure. Also: Hacker News coverage.

More this week (15)

Techniques and Write-ups

Calif runs an AI-driven audit of FreeBSD and surfaces 15 kernel bugs, including 3 RCEs, 5 LPEs, and a bhyve escape.

A four-byte heap overflow in the STB image-parsing library escalated all the way to remote code execution in Minecraft.

Praetorian builds a pipeline using LLMs to keep offensive tools alive longer by reducing their EDR signature footprint, compiling Sliver, Chisel, and GhostPack to WASM.

Clicking one link in github.dev hands an attacker an OAuth token with read and write access to all your repos, including private ones. Dropped publicly because the researcher did not want to deal with MSRC.

Sonar exploits an argument injection in Jellyfin using a .NET JIT compiler gadget: the runtime’s memfd-backed code pages turn file writes into shellcode execution.

Wiz details DarkReplica, a use-after-free in Redis’s built-in Lua engine that reaches remote code execution, one of five Redis RCEs disclosed in 48 hours.

More this week (51)

Tools and Exploits

HijackLibs.net refreshes with over 600 documented DLL hijacking cases, machine-readable feeds, and Sigma detection content for every DLL.

A VMProtect 3.5 devirtualizer built on Remill that lifts the whole x86 code of the VM, released as code.

A red team PoC pipeline that combines AI-driven telemetry spoofing with WASM sandboxing to evade modern EDR systems.

More this week (9)