security-research Archives

SHARE:

CVE-2025-55182 and CVE-2025-66478 (“React2Shell”) – All you need to know

December 05, 2025

JFrog continues to track and provide updates on React2Shell at research.jfrog.com. What happened A critical React vulnerability – CVE-2025-55182 (and the corresponding CVE-2025-66478 in Next.js) was published by the React maintainers. The vulnerability was named “React2Shell” by the original researcher as it leads to arbitrary code execution by remote (possibly unauthenticated) attackers. A remote attacker could craft a …

JFrog Alert for 3 x PickleScan Zero-Days - Thumbnail 203X148

SHARE:

PyTorch Users at Risk: Unveiling 3 Zero-Day PickleScan Vulnerabilities

December 02, 2025

AI Model Scanning as the First Layer of Security JFrog Security Research found 3 zero-day critical vulnerabilities in PickleScan, which would allow attackers to bypass the most popular Pickle model scanning tool. PickleScan is a widely used, industry-standard tool for scanning ML models and ensuring they contain no malicious content. Each discovered vulnerability enables attackers …

SHARE:

Shai-Hulud npm supply chain attack – new compromised packages detected

November 24, 2025

IMPORTANT UPDATE: Shai-Hulud Returns (Nov 24, 2025) JFrog continues to track, provide research and document another wave of the Shai-Hulud Software Supply Chain Attack. Following the initial campaign, threat actors have returned with more advanced tactics, compromising an additional 796 new malicious packages across leading public registries. This new wave exhibits several key differences from …

SHARE:

Critical RCE Vulnerability CVE-2025-11953 Puts React Native Developers at Risk

November 04, 2025

The JFrog Security Research team recently discovered and disclosed CVE-2025-11953 – a critical (CVSS 9.8) security vulnerability affecting the extremely popular @react-native-community/cli NPM package that has approximately 2M weekly downloads. The vulnerability allows remote unauthenticated attackers to easily trigger arbitrary OS command execution on the machine running react-native-community/cli’s development server, posing a significant risk to …

SHARE:

CVE-2025-6515 Prompt Hijacking Attack – How Session Hijacking Affects MCP Ecosystems

October 21, 2025

JFrog Security Research recently discovered and disclosed multiple CVEs in oatpp-mcp – the Oat++ framework’s implementation of Anthropic’s Model Context Protocol (MCP) standard. Among these, CVE-2025-6515 stood out due to its potential threat of hijacking MCP session IDs. Within the context of MCP we’ve dubbed this new attack technique “Prompt Hijacking“. Your browser does not …

SHARE:

Shifting Security ‘Lefter’ Than Left Is The Key To Avoiding Risky Packages

September 19, 2025

As the AI revolution accelerates, developers are being inundated with a dazzling array of new software packages and game-changing tools such as GitHub CoPilot, Sourcegraph, Qodo, Cursor, Goose, and others that promise incredible advances in productivity and impact. The excitement over this is high and just keeps on growing. Cyberattackers share equally in this excitement; …

SHARE:

Chaotic Deputy: Critical vulnerabilities in Chaos Mesh lead to Kubernetes cluster takeover

September 16, 2025

JFrog Security Research recently discovered and disclosed multiple CVEs in the highly popular Chaos engineering platform – Chaos-Mesh. The discovered CVEs, which we’ve named Chaotic Deputy are CVE-2025-59358, CVE-2025-59360, CVE-2025-59361 and CVE-2025-59359. The last three Chaotic Deputy CVEs are critical severity (CVSS 9.8) vulnerabilities which can be easily exploited by in-cluster attackers to run arbitrary …

SHARE:

New compromised packages identified in largest npm attack in history

September 09, 2025

Duckdb, coveops/abi and more new packages discovered as compromised in the ongoing phishing campaign On September 8th, a malicious actor compromised the npm registry by publishing trojanized versions of 18 widely-used packages, after obtaining developers’ tokens in a phishing attack, as reported by Aikido. Massively popular packages such as “debug”, “chalk” and “ansi-styles” were compromised. …

SHARE:

Critical RCE Vulnerability in mcp-remote: CVE-2025-6514 Threatens LLM Clients

July 09, 2025

The JFrog Security Research team has recently discovered and disclosed CVE-2025-6514 – a critical (CVSS 9.6) security vulnerability in the mcp-remote project – a popular tool used by Model Context Protocol clients. The vulnerability allows attackers to trigger arbitrary OS command execution on the machine running mcp-remote when it initiates a connection to an untrusted …

SHARE:

Multi-Stage Malware Attack on PyPI: Malicious Package Threatens Chimera Sandbox Users

June 10, 2025

Update 25/06/2025: After the publication of our blog, JFrog was contacted by a security team and was informed that the PyPI package was published as part of an internal security audit – “The PyPI package was not created with malicious intent and users were not targeted by unknown threat actors, the purpose of this simulation …

CVE-2025-55182 and CVE-2025-66478 (“React2Shell”) – All you need to know

PyTorch Users at Risk: Unveiling 3 Zero-Day PickleScan Vulnerabilities

Shai-Hulud npm supply chain attack – new compromised packages detected

Critical RCE Vulnerability CVE-2025-11953 Puts React Native Developers at Risk

CVE-2025-6515 Prompt Hijacking Attack – How Session Hijacking Affects MCP Ecosystems

Shifting Security ‘Lefter’ Than Left Is The Key To Avoiding Risky Packages

Chaotic Deputy: Critical vulnerabilities in Chaos Mesh lead to Kubernetes cluster takeover

New compromised packages identified in largest npm attack in history

Critical RCE Vulnerability in mcp-remote: CVE-2025-6514 Threatens LLM Clients

Multi-Stage Malware Attack on PyPI: Malicious Package Threatens Chimera Sandbox Users

Popular Tags