InfoSec Briefing - May 22, 2026

🎧 Audio Briefing

Playback Speed:

Cyber security developments for Friday the 22nd of May 2026 covering articles added to the BlueTeamSec community on infosec.pub. Today we have 7 articles to cover. All attribution is by the article authors. All article analysis is automated.

The Center for Strategic and International Studies has published an assessment arguing that China has reached peer status with the United States in cyberspace. They point to groups like Salt Typhoon and Volt Typhoon achieving persistent access to critical infrastructure and government systems, with operations now incorporating AI for large-scale targeting. Worth reading if you're interested in the strategic picture beyond individual campaign reporting.

GitHub disclosed on the 19th that they'd detected and contained compromise of an employee device through a poisoned VS Code extension. Following on from the story we covered earlier this week, unauthorised access to internal repositories occurred, though they state there's no evidence of customer data impact outside those internal systems. The attack vector itself is the interesting bit — supply chain compromise via malicious IDE extensions targeting employees directly.

FalkorDB Browser version 1.9.3 has an unauthenticated path traversal flaw in its file upload API that allows remote attackers to write arbitrary files to the server, leading to potential remote code execution. If you're running the affected version, update immediately.

Researchers have demonstrated a memory reading technique that abuses the Windows thread creation API and depth list query functions to read arbitrary memory from remote processes without touching ReadProcessMemory. Creates remote threads that return two bytes of memory via the exit code, which means it evades hooks monitoring the usual memory access functions. One for offensive tool developers and defenders tracking evasion trends.

And another exploit writeup — this time for NGINX Rift, the heap buffer overflow vulnerability in the rewrite module that allows unauthenticated remote code execution. A private lab and exploit chain have been published demonstrating how a length calculation discrepancy during URI escaping can be leveraged to corrupt memory structures. This one includes heap feng shui techniques and demo recordings if you're interested in the mechanics.

Bishop Fox released AIMap, an open-source tool for discovering and assessing exposed AI and machine learning endpoints across the internet. It identifies insecure deployments of services like MCP servers and Ollama instances, many of which lack authentication entirely. Automates the process from discovery through to protocol-specific exploitation testing.

And finally, a Linux persistence detection tool called persisthunt. It's an open-source bash script that automates detection of common persistence mechanisms — active shells, eBPF-based rootkits like BPFdoor, malicious systemd services, hidden processes, and so on. Categorises findings by severity and assists with artifact collection during incident response.

That concludes today's briefing.

📰 Articles Covered

Why China Is Now a Peer Competitor to the United States in Cyberspace - Center for Strategic and International Studies (CSIS)

This precis summarizes the analysis from the Center for Strategic and International Studies (CSIS) regarding China’s emergence as a peer competitor to the United States in cyberspace.

### **Overview: What Happened**
China has systematically matured its cyber capabilities over the last 15 years, evolving into a peer competitor that now challenges U.S. dominance. Unlike previous adversaries, China employs a "whole-of-society" approach, mobilizing state institutions, the military, academia, and the private sector to dominate the digital battlespace. The article argues that the U.S. can no longer assume it is unrivaled and must move beyond failed "cyber deterrence" strategies to regain a strategic edge 【1】.

### **Who Is Affected**
* **U.S. Critical Infrastructure:** Deep penetration has been identified across energy, transport, and water sectors 【1】.
* **Public Sector:** Sensitive systems, including the U.S. Treasury, National Guard, and law enforcement wiretapping systems, have been compromised 【1】.
* **Political Figures:** High-level targeting has been observed, including the identification of specific individuals such as Donald Trump and JD Vance during the *Salt Typhoon* campaign 【1】.

### **Security Implications**
The primary implication is that China has positioned itself to disrupt critical U.S. assets in the event of geopolitical conflict. The *Salt Typhoon* and *Volt Typhoon* campaigns demonstrate that China has achieved persistent, long-term access to telecommunications and military nodes. Furthermore, China’s integration of large language models (LLMs) into its offensive operations has significantly advanced its ability to conduct highly targeted intelligence collection 【1】.

### **Technical Details: The "4S" Framework**
The article categorizes China’s rise through four components:
* **Sophistication:** China utilizes advanced AI tooling to identify vulnerabilities, potentially outpacing U.S. capabilities. It has demonstrated the ability to sift through massive datasets to perform surgical targeting 【1】.
* **Scale:** China maintains a massive talent pipeline (hundreds of thousands) through state-sponsored competitions and research institutes. Its private sector is legally compelled to feed discovered 0-day vulnerabilities directly into the state apparatus, creating an agile and rapidly reconstituting supply chain 【1】.
* **Stealth:** Operators increasingly use "living-off-the-land" techniques, target edge devices (routers/firewalls), and leverage covert networks at scale to disguise traffic, making attribution and detection extremely difficult for traditional defenses 【1】.
* **Strategy:** China’s long-term planning (e.g., the 15th Five-Year Plan) provides a clear, enduring roadmap for cyber dominance, contrasting with the U.S.'s perceived "strategic ambiguity" 【1】.

### **What Defenders Should Know**
* **Shift in Tactics:** Defenders must account for the widespread use of covert networks and the targeting of edge devices, which bypass many traditional network defense methods 【1】.
* **Need for Accountability:** The article suggests that the U.S. must move toward holding the private sector accountable for failing to implement basic cybersecurity measures, rather than relying solely on private sector involvement in offensive operations 【1】.
* **Strategic Reorientation:** The U.S. is encouraged to revitalize its cyber ecosystem by reversing recent funding and personnel cuts, strengthening international and academic partnerships, and developing a specific implementation plan to contest Chinese activity across all levers of statecraft 【1】.
FalkorDB: A super fast Graph Database uses GraphBLAS under the hood for its sparse adjacency matrix graph representation. - FalkorDB

Based on the available information, there is no evidence of a widespread cybersecurity incident involving the core **FalkorDB** database engine itself. FalkorDB is primarily a graph database technology used *for* security applications (such as threat detection and attack path visualization) rather than being the subject of a major security breach 【2】【5】.

However, a specific security vulnerability has been identified in a related component, **FalkorDB Browser**. Below is the precis regarding that finding.

### Precis: FalkorDB Browser Path Traversal Vulnerability

* **What Happened:** A critical unauthenticated path traversal vulnerability was identified in the file upload API of FalkorDB Browser version 1.9.3 【1】.
* **Who is Affected:** Users running FalkorDB Browser version 1.9.3.
* **Security Implications:** This vulnerability allows remote, unauthenticated attackers to write arbitrary files to the server. This can lead to **Remote Code Execution (RCE)**, potentially granting an attacker full control over the host system 【1】.
* **Technical Details:** The flaw exists within the file upload functionality, which fails to properly sanitize input paths. By manipulating the file path during the upload process, an attacker can bypass directory restrictions to place malicious files in sensitive locations on the server's filesystem 【1】.
* **What Defenders Should Know:**
* **Audit Versions:** Immediately check if your environment is running FalkorDB Browser version 1.9.3.
* **Patch/Update:** If you are on the affected version, update to a patched version immediately.
* **General Security Hygiene:** As noted in FalkorDB documentation, administrative commands (such as `MODULE LOAD`) are inherently dangerous and should be restricted or blocked in production environments to prevent unauthorized module execution 【3】.
* **Reporting:** If you discover further vulnerabilities in FalkorDB components, report them directly to the maintainers via their official security channels (e.g., `security@falkordb.com` or the GitHub Security Advisory reporting feature) 【4】.
Remote Process Read Primitive via NtCreateThreadEx Exit Code - S12 - 0x12Dark Development

This article details a novel technique for performing arbitrary memory reads in a remote process without utilizing the standard `ReadProcessMemory` API, thereby bypassing security hooks that monitor that specific function 【1】.

### What Happened
The author demonstrates a "read primitive" that abuses the Windows `NtCreateThreadEx` API. By creating a remote thread that executes the `ntdll.dll` function `RtlQueryDepthSList`, an attacker can force the remote process to read 2 bytes of memory from a specified address and return that value as the thread's exit code 【1】.

### Who Is Affected
Any Windows environment where an attacker has sufficient privileges to create threads in a target process is potentially affected. Because the technique relies on standard, legitimate Windows APIs (`NtCreateThreadEx`, `RtlQueryDepthSList`, `GetExitCodeThread`), it is a general-purpose evasion technique rather than a vulnerability in a specific software product.

### Security Implications
* **Detection Evasion:** By avoiding `ReadProcessMemory`, the technique evades security products that rely on hooking that specific API to detect unauthorized memory access 【1】.
* **Stealth:** The use of `RtlQueryDepthSList` is generally considered benign, as its intended purpose is to query the depth of an interlocked singly-linked list, making it an unlikely candidate for monitoring 【1】.

### Technical Details
The process follows these logical steps to extract data:
1. **Targeting:** The attacker identifies a target address in the remote process.
2. **Execution:** `NtCreateThreadEx` is called to start a thread in the remote process, using `RtlQueryDepthSList` as the entry point and the target address as the argument 【1】.
3. **Extraction:** The attacker waits for the thread to finish (`WaitForSingleObject`) and retrieves the exit code via `GetExitCodeThread`. The exit code contains the 2 bytes read from the target address 【1】.
4. **Iteration:** This process is repeated in 2-byte increments until the desired amount of memory has been read 【1】.

### What Defenders Should Know
Defenders should look for the combination of these APIs and behavioral patterns rather than focusing solely on `ReadProcessMemory`. The author provides a YARA rule designed to detect this specific technique by identifying:
* **API Combination:** The presence of `NtCreateThreadEx`, `RtlQueryDepthSList`, `GetExitCodeThread`, and `WaitForSingleObject` in the same binary 【1】.
* **Behavioral Patterns:** The use of dynamic `ntdll` resolution and the specific 2-byte stride loop pattern used to iterate through memory 【1】.
nginx-rift-private-lab: Private Nginx Rift ASLR lab, exploit chain, and demo recordings - Hamid Kashfi

This precis summarizes the details regarding **CVE-2026-42945**, also known as "NGINX Rift," a critical vulnerability affecting the NGINX web server.

### What Happened
CVE-2026-42945 is a critical heap buffer overflow vulnerability within NGINX's `ngx_http_rewrite_module`. The flaw, which has existed in the codebase since 2008, allows an unauthenticated remote attacker to achieve Remote Code Execution (RCE) on affected servers.

### Technical Details
The vulnerability arises from a discrepancy in how NGINX's script engine handles data during a two-pass process:

1. **Length-Calculation Pass:** The engine runs on a freshly zeroed sub-engine where the `is_args` flag is set to `0`. It calculates the buffer size based on the raw length of the capture.
2. **Copy Pass:** The engine uses the main engine where `is_args` is set to `1` (if the `rewrite` replacement contains a `?`). This triggers `ngx_escape_uri` with `NGX_ESCAPE_ARGS`, which expands each escapable byte into 3 bytes.

Because the length calculation did not account for this expansion, the copy operation overflows the undersized heap buffer. Attackers exploit this by using "heap feng shui" to corrupt an adjacent `ngx_pool_t` structure's `cleanup` pointer. By redirecting this pointer to a fake `ngx_pool_cleanup_s` structure, the attacker can trigger the execution of `system()` when the pool is destroyed.

### Who Is Affected
The vulnerability impacts a wide range of NGINX versions. Users should verify their specific build against the following table:

| Product | Affected Versions | Fixed Versions |
| :--- | :--- | :--- |
| NGINX Open Source | 0.6.27 – 1.30.0 | 1.31.0, 1.30.1 |
| NGINX Plus | R32 – R36 | R36 P4, R35 P2, R32 P6 |

### Security Implications
* **Unauthenticated RCE:** Attackers do not need valid credentials to trigger the exploit.
* **Exploitability:** The exploit is viable on x86_64 Linux systems, even with ASLR enabled.
* **Prerequisites:** Successful exploitation typically requires a secondary primitive, such as a Local File Inclusion (LFI) or arbitrary-file-read vulnerability, to recover process state (e.g., worker maps, libc, and `/proc/<worker>/mem`).
* **Environment Dependencies:** The exploit's success depends on `procfs` accessibility, Yama security policies, and container namespace configurations.

### What Defenders Should Know
* **Immediate Action:** Patch NGINX to the versions listed above as soon as possible.
* **Assessment:** Use the `nginx_rifter.py` tool provided in the [NGINX Rift repository](https://github.com/Hamid-K/nginx-rift-private-lab) to audit your environment. This tool can:
* Profile existing LFI primitives.
* Fingerprint the NGINX/OS environment.
* Identify vulnerable `rewrite` and `set` directive configurations.
* Assess the reachability of `procfs` to determine if the exploit chain is viable in your specific setup.
* **Defense-in-Depth:** Since the exploit often relies on an LFI primitive, hardening your application against file inclusion and directory traversal attacks remains a critical layer of defense.
laimap: Discover Exposed AI Services - Bishop Fox

AIMap is an open-source security research and penetration testing tool developed by Bishop Fox. It is designed to discover, fingerprint, assess, and test the security posture of exposed AI and Machine Learning (ML) endpoints across the internet 【1】.

### What Happened
Bishop Fox released AIMap as a specialized framework to address the growing attack surface of AI/ML infrastructure. It automates the lifecycle of identifying and testing insecure AI deployments, moving from broad internet-wide discovery to granular, protocol-specific exploitation testing 【1】.

### Who Is Affected
Organizations and developers deploying AI/ML services—such as Model Context Protocol (MCP) servers, Ollama instances, and OpenAI-compatible APIs—are the primary subjects of this tool. Any entity that has inadvertently exposed these services to the public internet without adequate authentication or security controls is at risk of discovery and exploitation by AIMap 【1】.

### Security Implications
The tool highlights several critical security risks associated with modern AI deployments:
* **Unauthorized Access:** Many endpoints lack authentication, allowing attackers to interact with models or tools directly 【1】.
* **Tool Abuse:** AI agents often have access to powerful tools (e.g., `exec_code`, `run_shell`, `query_db`). If these are exposed, an attacker can perform unauthorized actions on the host system 【1】.
* **Information Disclosure:** Vulnerable endpoints may leak system prompts, model weights, or internal tool configurations, providing attackers with sensitive context for further exploitation 【1】.
* **Dangerous Combinations:** The tool specifically flags high-risk configurations, such as unauthenticated endpoints that also provide code execution capabilities 【1】.

### Technical Details
AIMap utilizes a modular architecture to manage the discovery and testing pipeline:
* **Discovery:** Uses Shodan API queries to identify potential AI/ML endpoints 【1】.
* **Fingerprinting:** Employs `httpx` for liveness checks and custom Nuclei templates to identify frameworks, protocols, and authentication status 【1】.
* **Risk Scoring:** Calculates a 0–10 risk score based on factors like missing authentication, exposed tools, open CORS policies, and the presence of uncensored models 【1】.
* **Attack Engine:** Supports protocol-specific testing, including MCP tool enumeration/invocation, Ollama model extraction, and prompt injection 【1】.
* **Stack:** Built with a FastAPI backend, MongoDB/Redis for data management, and a React/TypeScript frontend featuring a 3D globe for visualization 【1】.

### What Defenders Should Know
Defenders can use the insights provided by AIMap to harden their infrastructure:
* **Audit Exposure:** Use the tool's logic to scan your own CIDR ranges to identify inadvertently exposed AI services 【1】.
* **Implement Authentication:** Ensure all AI/ML endpoints are protected by robust authentication mechanisms; the tool explicitly flags "No authentication" as a major risk factor 【1】.
* **Restrict Tool Access:** Limit the capabilities granted to AI agents. Avoid exposing dangerous tools like `exec_code` or `run_shell` to public-facing interfaces 【1】.
* **Monitor Configurations:** Regularly check for common misconfigurations, such as open CORS policies (`*`), lack of TLS, and exposed system prompts, all of which contribute to a higher risk score in the AIMap framework 【1】.

***Warning:** AIMap is intended for authorized penetration testing and security research only. Unauthorized access to computer systems is illegal 【1】.*
persisthunt: Linux Persistence Detection, Hunting and Arftifact Collection script - raj3shp

The `persisthunt.sh` project is a specialized security tool designed to assist Linux system administrators and security responders in threat hunting and incident response. It automates the collection of artifacts related to common Linux persistence mechanisms and highlights suspicious patterns that may indicate a compromised system.

### What Happened
The project provides a bash script (`persisthunt.sh`) that scans a Linux environment for known persistence techniques. It acts as a force multiplier for defenders by automating the tedious process of manually checking various system locations where attackers typically hide backdoors or maintain access.

### Who Is Affected
This tool is intended for use by **defenders, security analysts, and system administrators** who manage Linux environments. It is specifically designed to help them identify if their systems have been compromised by attackers using persistence techniques.

### Security Implications
The tool addresses the critical challenge of detecting "persistence"—the methods attackers use to ensure they maintain access to a system even after reboots or credential changes. By identifying these mechanisms, defenders can:
* **Detect Active Threats:** Identify ongoing malicious activity such as active reverse or bind shells.
* **Uncover Hidden Backdoors:** Find sophisticated persistence methods, including eBPF-based rootkits (like BPFdoor), hidden processes in `/proc`, and malicious `LD_PRELOAD` configurations.
* **Reduce Dwell Time:** Speed up the investigation process, allowing for faster remediation of compromised systems.

### Technical Details
The script categorizes its findings into three levels of severity to help prioritize investigations:

| Category | Description |
| :--- | :--- |
| **High** | High-confidence indicators of compromise, such as active shells, eBPF rootkits, unauthorized cron jobs, malicious systemd services, and evidence of process hiding (e.g., `/proc` manipulation). |
| **Low** | Potential indicators that require further investigation, such as files with unusual POSIX capabilities, recent ELF binaries in temporary directories, or abuse of package manager plugins (APT/Yum/DNF). |
| **Informational** | Baseline data for manual review, including lists of all cron jobs, shell profiles, loaded kernel modules, active network connections, and installed packages. |

The tool is designed to be **flexible and extensible**. Defenders can customize the detection logic and keywords to suit their specific environment, making it a foundation for building more tailored threat-hunting workflows.

### What Defenders Should Know
* **Customization is Key:** The script is a foundation; defenders should review and adapt the detection logic and keywords to match their specific environment's baseline.
* **Output Volume:** The script can generate a large amount of data. It is designed to be readable by humans but is also structured to be easily parsed and summarized by LLMs or automated security agents.
* **Context Matters:** Many of the "Low" and "Informational" findings are not inherently malicious. They require a defender's expertise to determine if the activity is legitimate administrative work or an attacker's attempt to blend in.
* **Advanced Detection:** The tool includes checks for advanced techniques like eBPF-based network socket manipulation and bind-mount tricks used to hide processes from standard tools like `ps`.
We are investigating unauthorized access to GitHub’s internal repositories. Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. - GitHub

On May 19, 2026, GitHub publicly disclosed that it was investigating unauthorized access to its internal repositories 【1】.

### Summary of the Incident

* **What Happened:** GitHub identified and began investigating unauthorized access to its internal repository infrastructure 【1】.
* **Who is Affected:** The incident is currently limited to GitHub's internal systems 【1】. At the time of the disclosure, there was no evidence suggesting that customer information stored outside of these internal repositories—such as data within customer enterprises, organizations, or individual repositories—had been impacted 【1】.
* **Security Implications:** Unauthorized access to a platform's internal repositories poses a significant risk, as it may expose proprietary source code, internal tooling, configuration secrets, or development workflows. While GitHub has stated that customer data appears unaffected, such incidents often necessitate a thorough audit of internal access controls and potential credential rotation.
* **Technical Details:** Specific technical details regarding the entry point, the duration of the unauthorized access, or the specific repositories accessed have not been publicly released by GitHub.
* **What Defenders Should Know:**
* **Monitor for Updates:** Organizations relying on GitHub should monitor official channels (such as the GitHub Status page or their official social media accounts) for further updates and any recommended actions.
* **Review Access Logs:** While the impact is currently described as internal, security teams should maintain heightened vigilance regarding their own GitHub audit logs for any anomalous activity.
* **Maintain Hygiene:** As a general best practice, ensure that all secrets (API keys, tokens, credentials) are not hardcoded in repositories and are managed through secure secret management solutions. If there is any suspicion of credential exposure, rotate those secrets immediately.