Risky Bulletin: Plone CMS Stops Supply-Chain Attack

Podcast: Risky Bulletin | Host: risky.biz
Episode Date: February 4, 2026 | Read by Claire Aird, Reported by Catalin Cimpanu

Episode Overview

This episode of the Risky Bulletin delivers a rapid-fire roundup of the latest cybersecurity news, focusing on supply-chain attacks, data leaks, law enforcement actions, major breaches, and new vulnerabilities. The headline story covers how the Plone CMS averted a targeted supply-chain compromise, with additional updates on malicious AI skills, high-profile raids, new malware, and security industry shifts.

Key Discussion Points & Insights

1. Plone CMS Supply Chain Breach Averted

[00:04-01:05]

• Incident Summary:
  • An attacker compromised a developer on the Plone CMS project, using their account token to insert malicious code designed to steal credentials, API keys, and crypto wallet data.
  • The attack specifically targeted developers working with Plone, not end-users.
  • Response: The malicious modifications were detected and removed before the code made it into release.
  • Attribution: GitHub security team discovered the issue.

"A threat actor managed to insert code into the Plone CMS project, but the modifications were removed before release." – Claire Aird, [00:13]

2. Surge in Malicious OpenClaw AI Skills

[01:06-02:10]

• Rapid Growth:
  • Malicious skills on the Clawhub portal jumped from 28 to 400 in a single week.
  • OpenClaw is an open-source AI assistant platform, formerly called Claudebot/Maltbot.
• User Impact:
  • Attackers use skills to steal credentials or deploy malware via add-ons.
• Associated Incident:
  • 1.5 million API tokens leaked from the Maltbook AI platform (OpenClaw’s social network) due to a misconfigured Supabase database.
  • Leak included tokens, agent messages, and owner information.
  • Cloud security firms Permeso and Wiz reported the leak.

"Security researchers recently spotted a growing number of malicious open claw skills that steal user credentials or or deploy malware." – Claire Aird, [01:21]

3. OpenVSX Marketplace Security Upgrades

[02:11-02:35]

• Platform Changes:
  • The Eclipse Foundation will introduce security scans for malicious code, typo-squatted names, and leaked credentials on their VS Code extension marketplace, OpenVSX.
• Background:
  • OpenVSX has previously hosted hundreds of malicious extensions, including “Glassworm,” a self-replicating malware.

4. X (Ex-Twitter) Office Raids and Criminal Investigation

[02:36-03:05]

• Law Enforcement:
  • Europol and French authorities raided X's Paris offices as part of a probe into child sexual abuse images and deepfakes allegedly generated using the platform’s Grok AI feature.
  • Former and current CEOs (Elon Musk and Linda Yaccarino) summoned for April hearings.

5. Automated License Plate Reader Shutdown in Mountain View

[03:06-03:23]

• City Action:
  • Mountain View disabling Flock automated license plate readers after unauthorized data access by out-of-state agencies and inadequate notifications from vendor.

6. Chinese APT Hacked Notepad App Servers

[03:24-03:58]

• Attack Overview:
  • Rapid7 attributes a six-month breach of Notepad app servers to Chinese APT groups Billbug and Lotus Blossom.
• Impact:
  • Attackers shipped malicious updates to specific targets.
  • They deployed a new backdoor named Chrysalis.

"A Chinese state hacking group spent six months inside the server infrastructure of the Notepad app." – Claire Aird, [03:24]

7. Ransomware, Extortion, and Cryptocurrency Thefts

[03:59-05:25]

• Belgian High School Breach:
  • Attackers extorting parents (€50 each) after school refused €15,000 ransom.
• Step Finance Hack:
  • $30 million in tokens stolen; token value dropped 80%.
• CrossCurve Cryptocurrency Bridge Breach:
  • $3 million stolen; CEO threatens legal action if funds not returned.
• NationStates Browser Game:
  • Player accessed and exfiltrated game source code, emails, passwords, IPs; has apologized.
• Canada Computers Retailer:
  • Skimmer attack collected card data from guest checkout users in December.

8. Meta (WhatsApp) Moves to Rust for Media Handling

[05:26-05:48]

• Security Enhancement:
  • Meta adopts Rust to handle WhatsApp media files, addressing memory safety vulnerabilities from legacy C/C++ code.

9. Recent Vulnerabilities & Malicious Activity

[05:49-06:45]

• Citrix ADC/Netscaler Recon:
  • Over 60,000 residential IPs probing for login pages.
• CISA Vulnerability Updates:
  • 59 KEV vulnerabilities re-categorized as ransomware attack vectors; change went unannounced.
• Metro Development Server (React Native):
  • OS command injection flaw targeted
• Nitrogen Ransomware Issue:
  • Variant corrupts VMware ESXi files irrecoverably; security firm urges not to pay ransom.

10. Underground Cybercrime Shifts

[06:46-07:19]

• Globalman Exit Scam:
  • Stolen code signing certificates marketplace vanishes, taking users’ funds.
• Naish Team Persistence:
  • Evaded Russian crackdown, reestablished infrastructure; specializes in remote access trojans since 2022.

11. Meta Ad Scams in Europe

[07:20-07:46]

• Scale of Fraud:
  • One third of Meta ads in Europe/UK over 23 days linked to online scams.
• Attribution:
  • 10 advertisers responsible for more than half of bad ads; infrastructure tied to China and Hong Kong.

"A small cluster of 10 advertisers were responsible for more than 50 of the malicious ads." – Claire Aird, [07:38]

Notable Quotes & Memorable Moments

• On the Plone breach:
  "The code targeted developers working with Plone rather than visitors to clone based sites." – Claire Aird, [00:33]

• On supply-chain vigilance:
  "The attacker compromised a developer on the project. Their personal account token was used to add code that was designed to steal credentials, API keys and crypto wallet data." – Claire Aird, [00:17]

• On AI skill threats:
  "Malicious skills on the Clawhub portal reached 400 on Tuesday, up from 28 last week." – Claire Aird, [01:10]

• On law enforcement action:
  "The French offices of social media network X have been raided by Europol and local authorities. The raids were part of a criminal investigation over child sexual abuse images and pornographic deepfakes." – Claire Aird, [02:37]

• On crypto platform hacks:
  "Hackers have stolen almost $30 million worth of tokens from the Step Finance Defi platform. The company says the hackers used a well known attack vector to access its treasury wallets." – Claire Aird, [04:37]

Timestamps for Key Segments

• 00:04 – Plone CMS supply chain attack details
• 01:10 – OpenClaw AI skills surge, API token leak
• 02:11 – OpenVSX security announcement
• 02:36 – X office raid
• 03:24 – Notepad app APT breach
• 03:59 – Ransomware, crypto theft news
• 05:26 – WhatsApp moves to Rust
• 05:49 – Citrix scan campaign, CISA updates
• 06:46 – Globalman exit scam, Naish team update
• 07:20 – Meta ad scam report

Tone and Style

The episode maintains a brisk, factual tone—delivering cybersecurity developments with clarity and urgency. It’s densely packed with technical detail but accessible to security professionals and a wider tech-savvy audience.

For more in-depth stories and cybersecurity analysis, tune in to future Risky Bulletin episodes.