Research Archives | Orca Security

Xinference PyPI package compromise leads to full environment takeover

Application Security

Xinference PyPI package compromise leads to full environment takeover

Table of contentsWhat is the Xinference PyPI Package Compromise ?Assessing the Impact: Credential Theft and Full Environment TakeoverHow to Mitigate...

Roi Nisimi

Apr 23, 2026

Checkmarx supply chain compromise exposes CI/CD secrets

Application Security

Checkmarx supply chain compromise exposes CI/CD secrets

Table of contentsWhat is the Checkmarx Supply Chain Compromise ?Impact of the TeamPCP Campaign: Credential Theft and Lateral MovementMitigation RecommendationsHow...

Roi Nisimi

Apr 23, 2026

Kyverno SSRF: Breaking Kubernetes Namespace Isolation (CVE-2026-4789)

‘Orca Watch’ Series

Kyverno SSRF: Breaking Kubernetes Namespace Isolation (CVE-2026-4789)

A critical SSRF (Server-Side Request Forgery, where an attacker tricks a server into making HTTP requests on their behalf) vulnerability...

Igor Stepansky

Apr 09, 2026

CVE-2026-23226: How a Missing Lock in ksmbd’s Channel List Exposes Your Linux SMB3 Server

Discovered Vulnerabilities

CVE-2026-23226: How a Missing Lock in ksmbd’s Channel List Exposes Your Linux SMB3 Server

Table of contentsOverviewWhat Is ksmbd - and Why Does It Matter?Understanding SMB3 MultichannelThe Vulnerability - A Missing LockThe Broken Data...

Igor Stepansky

Apr 08, 2026

2026 State of AppSec: When Development Velocity Outpaces Security

Application Security

2026 State of AppSec: When Development Velocity Outpaces Security

Table of contentsTop Application Security Findings and Trends for 2026Rapid AI Adoption: Why 43% of Organizations Have Exposed AI/ML CredentialsThe...

Jake Kramber

Apr 07, 2026

2026 State of Application Security Report

Report

2026 State of Application Security Report

In-Depth Research 2026 State of Application Security Report When Development Velocity Outpaces Security Get the Report One clear picture of...

Apr 07, 2026

Supply Chain Attack on Axios Delivers Cross-Platform RAT via Compromised npm Account

Application Security

Supply Chain Attack on Axios Delivers Cross-Platform RAT via Compromised npm Account

Table of contentsQuick OverviewWhat is Axios?Technical AnalysisHow the account was compromisedThe phantom dependency trickInside the dropperPlatform-specific payloadsAnti-forensic evidence destructionAttack FlowAffected...

Igor Stepansky

Mar 31, 2026

Credential‑Stealing Malware in LiteLLM Supply Chain Attack

‘Orca Watch’ Series

Credential‑Stealing Malware in LiteLLM Supply Chain Attack

Executive Summary A severe malware incident (no formal CVE yet, but tracked as a high‑risk supply chain compromise) was disclosed...

Roi Nisimi

Mar 25, 2026

CanisterWorm: When a CI/CD Breach Became a Self-Spreading npm Worm

‘Orca Watch’ Series

CanisterWorm: When a CI/CD Breach Became a Self-Spreading npm Worm

A supply chain compromise moved from CI pipelines into the npm ecosystem, stealing secrets, hijacking packages, and persisting on developer...

Tohar Braun

Mar 23, 2026

Research

Xinference PyPI package compromise leads to full environment takeover

Checkmarx supply chain compromise exposes CI/CD secrets

Kyverno SSRF: Breaking Kubernetes Namespace Isolation (CVE-2026-4789)

CVE-2026-23226: How a Missing Lock in ksmbd’s Channel List Exposes Your Linux SMB3 Server

2026 State of AppSec: When Development Velocity Outpaces Security

2026 State of Application Security Report

Supply Chain Attack on Axios Delivers Cross-Platform RAT via Compromised npm Account

Credential‑Stealing Malware in LiteLLM Supply Chain Attack

CanisterWorm: When a CI/CD Breach Became a Self-Spreading npm Worm

Cloud Security Platform

Technology Ecosystem

By Solution

By Industry

Comparisons