npm supply chain attack targets SAP ecosystem packages mbt and @cap-js/sqlite via Bun runtime payload

StepSecurity has identified a new npm supply chain attack dubbed 'Mini Shai-Hulud' targeting SAP ecosystem packages. Two confirmed compromised packages are mbt@1.2.48 and @cap-js/sqlite@2.2.2. The attacker injects a preinstall hook that downloads the Bun JavaScript runtime and executes an 11 MB obfuscated payload, likely to evade Node.js-focused detection tools. Detection signals included a new preinstall script with no version history, two undocumented files, and a 500x package size increase in a single version bump. Victim GitHub repositories with a hardcoded description are being created in real time, each representing a developer whose credentials were stolen during installation.

CISA orders federal agencies to patch actively exploited Windows zero-day CVE-2026-32202 by May 12

CISA has added CVE-2026-32202, a Windows zero-click credential theft vulnerability, to its Known Exploited Vulnerabilities catalog and ordered federal agencies to patch by May 12. The flaw was discovered by Akamai as an incomplete fix from Microsoft's February patch for CVE-2026-21510, leaving an authentication coercion gap exploitable via auto-parsed LNK files. Russian APT28 (Fancy Bear) previously exploited the original RCE flaw in attacks against Ukraine and EU countries. Microsoft has since flagged the vulnerability as actively exploited. CISA urges all organizations, not just federal agencies, to prioritize patching immediately.

Mistral AI launches Workflows orchestration layer for enterprise AI in public preview

Mistral AI has launched Workflows, an orchestration layer for enterprise AI now in public preview. Built on top of Temporal and integrated into Mistral's Studio platform, it lets developers define multi-step AI processes in Python with stateful execution, fault tolerance, retry policies, and human-in-the-loop approval checkpoints. The architecture separates control and data planes, keeping execution workers and data within the customer's environment. It targets the gap between AI experimentation and reliable production deployment, addressing issues like pipeline failures, timeouts, and lack of audit trails in regulated environments. Early community reactions are cautiously optimistic, noting that lower-level reliability challenges around GPU utilization and real traffic handling remain unsolved.

Claude Mythos Preview finds 271 zero-days in Firefox 150 in AI-assisted security scan

Mozilla's Firefox team, in collaboration with Anthropic, used an early version of Claude Mythos Preview to scan Firefox for security vulnerabilities. The result: 271 zero-days identified and fixed in Firefox 150, following an earlier scan with Opus 4.6 that found 22 bugs in Firefox 148. Security expert Bruce Schneier highlights this as an extraordinary milestone, noting that AI-powered vulnerability discovery at this scale could decisively shift the advantage to defenders — provided patches reach users quickly.

AWS Interconnect reaches GA with managed multicloud and last-mile connectivity

AWS Interconnect has reached general availability, offering two capabilities: managed private Layer 3 multicloud connections (starting with Google Cloud, with Azure and OCI planned for later in 2026) and last-mile connectivity from on-premises locations via network providers like Lumen. The jointly engineered AWS-Google solution eliminates the need for colocation facilities and VPN tunnels, enabling provisioning in minutes through the AWS Direct Connect console. Traffic stays off the public internet, uses MACsec encryption, and includes built-in redundancy with a 99.99% SLA. AWS also published the underlying specification on GitHub under Apache 2.0, a move analysts interpret as an attempt to establish a de facto multicloud connectivity standard. Key gotchas include non-overlapping IP ranges and MTU mismatches between AWS and Google Cloud VPCs.

GitHub launches gh-stack native CLI extension for stacked pull requests

GitHub has launched gh-stack, a native CLI extension for stacked pull requests, entering a space previously dominated by third-party tools like Graphite. Stacked PRs let developers chain branches so each targets the one below it, keeping individual PRs small and reviewable while work on later layers continues. Research cited shows PRs of 200–400 lines have 40% fewer defects and are approved 3x faster. The gh-stack extension automates cascading rebases, adds a stack map to the PR UI, and includes AI agent integration. The feature is in private preview as of April 13, 2026. Community reaction is mixed, with praise for mainstream validation but skepticism around squash-merge compatibility and cascading rebase conflicts that Graphite has had years to address.

Amazon CloudWatch adds OpenTelemetry metrics support in public preview

AWS has launched a public preview of OpenTelemetry metrics support in Amazon CloudWatch, enabling developers to send metrics directly via the OpenTelemetry protocol (OTLP) alongside existing AWS service metrics. The update introduces a high-cardinality metrics store supporting up to 150 labels per metric, automatic AWS resource metadata enrichment, and PromQL query support for teams already using Prometheus. This completes CloudWatch's OTLP coverage across all three observability pillars: traces, logs, and now metrics. A separate preview also adds OpenTelemetry-based Container Insights for Amazon EKS. Community reaction is largely positive, though concerns about post-preview pricing for high-cardinality metrics have been raised.

30 ClawHub skills secretly enroll AI agents into crypto mining swarm

Thirty skills published on ClawHub (a marketplace for OpenClaw AI agent skills) by a single user are silently enrolling AI agents into a cryptocurrency mining swarm called ClawSwarm. Without any malware or user consent, installed skills cause agents to register with an external server, report their capabilities, generate Hedera crypto wallets, and submit private keys — all without user knowledge or approval. Security researcher Ax Sharma notes this isn't a traditional vulnerability since the code itself is clean; the issue is a lack of runtime visibility into agent behavior. The fix likely lies in requiring skill manifests to disclose network endpoints and wallet generation, rather than scanning for malicious code patterns.

curl 8.20.0 patches 8 security flaws, disables NTLM and SMB by default and drops RTMP support

curl 8.20.0 has been released as the 274th release, featuring 8 changes, 282 bugfixes, and 521 commits over a 49-day cycle. Notably, this release patches 8 security vulnerabilities including credential leaks, connection reuse issues, and an OCSP stapling bypass. Key changes include a new thread pool for DNS resolution, NTLM and SMB disabled by default, dropped RTMP support, and dropped support for older CMake and c-ares versions. Future removals planned include local crypto implementations, NTLM, SMB, and TLS-SRP support.