The source code for the Shai-Hulud worm has been released online, and a dark web market admin was charged after a major OPSEC failure. France investigates an Israeli disinfo firm, and Composer rushes to fix a GitHub token leak. This is the Risky Bulletin, prepared by Catalin Cimpanu and read by me, Claire Aird. Today is the 15th of May, and this podcast episode is brought to you by Knocknoc, which has built and shipped a GreyNoise integration. More details are in this week's sponsor interview. In today's top story, source code for the Shai-Hulud worm has been published on a hacking forum. The code was released by individuals claiming to be associated with the TeamPCP hacking group. The code's authenticity has already been confirmed by multiple security vendors. The Shai-Hulud worm was first seen in November and has been tied to at least six supply chain attacks targeting npm and Python libraries hosted on GitHub. The TeamPCP group is encouraging other threat actors to use the worm, promising a $10,000 reward to whoever carries out the largest supply chain attack in the coming days. In other news, the US has charged a 49-year-old German national with running the defunct Dream dark web marketplace. O Martin Anderson was arrested in Germany last week. Dream Market launched in 2013 and was shut down by authorities in 2019. He operated the site under the pseudonym Speedstepper and was the market's top admin. Other Dream admins had already been arrested and imprisoned, but Speedstepper had remained unidentified for years. Authorities finally tracked him down after he started converting some of the Dream Market bitcoin into gold bars and sending them to his home in Germany. South Korean authorities have extradited a Chinese hacker from Thailand. The suspect was the leader of a group that stole more than 2,275 million dollars from Korean celebrities. The group hacked a South Korean telco in 2023 and used the data to gain access to the victims' bank accounts.
The group's most famous victim was Jungkook, a member of K-pop supergroup BTS. Cambodian authorities have raided a scam compound in the city of Sihanoukville for the second time in six months. More than 400 suspects were detained, but even more fled through the streets, and gunshots were reported by authorities during the chaos. The same scam compound location was also raided in December. Fifty suspects were arrested in that raid. Russian authorities have dismantled a SIM farm operating in the city of St. Petersburg. The farm ran more than 6,000 SIM cards and was primarily used to place scam calls. Russian authorities claim some of the SIM farm's customers included scammers from Ukraine. A 16-year-old teenager in occupied Donetsk has been found guilty by a Russian court of selling hacked accounts on a Telegram channel. Authorities say the hacked accounts were later used to place fraudulent calls to Russian citizens through instant messenger platforms. His sentencing is scheduled for next month. OpenAI is rotating code signing certificates after two employees were impacted by the TanStack supply chain attack this week. The company detected malicious activity originating from the employees' devices that matched the Mini Shai-Hulud worm. OpenAI says the intrusion was limited to a small number of repositories and the malware didn't have any access to user data. Hackers have stolen $1.9 million from the Transit Finance cross-chain aggregator and another $2.8 million from the TAC cross-chain platform. The hacks took place on the same day, but it's unclear if the same group was behind both. In both instances, the hackers targeted smart contracts that interacted with the TON blockchain. French authorities have launched an investigation into an Israeli company named Blackcorp over a disinformation campaign. Officials say the company may be linked to an online campaign that smeared three mayoral candidates of the France Unbowed party.
The campaign targeted mayoral candidates for the cities of Marseille, Toulouse and Roubaix. The far-left party has criticised Israel over its war in Gaza. Microsoft has unveiled a new AI model harness that can discover and patch software vulnerabilities. The new EM Dash harness works by aggregating more than 100 specialized AI agents into one singular platform. Sixteen of the 130 vulnerabilities patched in this month's Patch Tuesday were discovered with EM Dash. Cisco has released firmware updates to patch a critical zero-day in Catalyst SD-WAN devices. The zero-day allows attackers to become an authenticated peer of the target appliance and perform privileged operations. The vulnerability is being exploited in the wild and has been added to CISA's KEV list. Cisco linked the recent attacks to another set of zero-days exploited in February. The same group, designated as UAT-8616 by Cisco Talos, was behind this zero-day as well. Hackers began exploiting a vulnerability in PraisonAI servers within three hours of a patch for them becoming available. The attacks targeted a legacy API server that shipped with the main PraisonAI server and was left enabled without any authentication. The quick move to exploitation was likely the result of a simple PoC. Threat actors have been prioritizing vulnerabilities in AI servers recently, with many solutions coming under attack as soon as bugs are disclosed. Meantime, hackers are exploiting a vulnerability in a popular WooCommerce plugin to inject malicious code on online shops and steal credit card data. More than 40,000 WooCommerce stores using the FunnelKit builder are affected. Patches have been released this week. The plugin is typically used to design custom checkout experiences on WordPress-based online stores. Packagist has rolled out an emergency security update to the Composer PHP package manager to fix a bug that leaked GitHub tokens in public GitHub Actions logs.
The bug was traced back to GitHub changing the token format, with tokens now including hyphen characters. GitHub has since paused the rollout of the new format until May 18th. PHP developers are advised to install the new Composer update by then to prevent their CI/CD pipelines from leaking the tokens. CPU maker AMD has advised users to install operating system security updates to mitigate a security flaw in its CPUs. The vulnerability was discovered internally. It allows malicious code running on the CPU to break the memory cache isolation and execute at higher privileges. The bug impacts AMD Zen 2 products. This includes the company's Ryzen and EPYC product lines. Cisco will lay off 4,000 employees, or around 5% of the company's global workforce. Cisco CEO Chuck Robbins says the company is currently focused on increasing its spend on AI technologies. The company announced the layoffs on the same day it reported record revenue of $15.8 billion. The Debian OS project is mandating that all new Debian packages use reproducible builds. All packages that want to be included in the upcoming Debian 14 release must allow developers to verify that a binary has originated from specific source code. And finally, Microsoft has open-sourced a project designed to help coders prevent server-side request forgery vulnerabilities. The anti-SSRF library is available for .NET and Node.js applications. The library works by automatically validating URLs and network connections generated based on user-supplied inputs. It also comes with an agent to block requests to internal or sensitive IP addresses. And that is all for this podcast edition. Today's show was brought to you by Knocknoc. Find them at knocknoc.io. That's knocknoc.io. Thanks for your company.
This episode dives into major recent cybersecurity news: the public release of the Shai-Hulud worm’s source code, high-profile arrests and law enforcement operations against cybercriminals, attacks and vulnerabilities in the supply chain space, as well as key software and hardware advisories. The team rounds up regulatory, law enforcement, and technical responses to emerging cyber threats across the globe.
| Major Incident | Description/Impact | Timestamp |
|---|---|---|
| Shai-Hulud worm code leaked | Open-source worm; bounty program begun for new attacks | 00:12 |
| Dream Market admin arrest | Speedstepper (Anderson) identified after OPSEC lapse | 00:38 |
| South Korea/China celebrity banking hack | $275M+ stolen, high-profile victim: Jungkook (BTS) | 01:16 |
| Sihanoukville scam compound raid | 400+ detained, gunfire, mass escape | 01:33 |
| Russian SIM farm bust | 6,000 SIMs, cross-border phone scams | 01:55 |
| OpenAI/TanStack supply chain infection | Employee devices, internal repo compromise, limited in scope | 02:23 |
| TON blockchain platforms hacked | $4.7M stolen via DeFi contract compromises | 02:44 |
| French authorities probe Blackcorp | Disinfo campaign against mayoral candidates with anti-Israel stances | 03:00 |
| Cisco SD-WAN zero day | Exploited in the wild; urgent patch | 03:37 |
| WooCommerce plugin vulnerability | 40,000+ stores at risk, code injection and card theft | 04:19 |
| Composer GitHub token leak | Patch required before May 18 to prevent exposure | 04:36 |
| AMD Zen 2 vuln, Debian reproducible builds | Hardware and software supply chain risk management | 04:58 |
| Microsoft anti-SSRF library | Open source tool to prevent major web-app flaw class | 05:26 |
This Risky Bulletin provided a broad, incisive sweep of global cybersecurity incidents, supply chain threats, technical advisories, and evolving law enforcement activity. The episode underscores the persistent risk of open-source malware, the fast pace of exploit development after patch disclosure (especially in AI platforms), and the international scope of both cybercrime and coordinated response.