Anonymous Researcher Publishes Zero-Day Exploits for Major Software Projects
ID: c9f9fcc5-ce54-5173-b25b-777b72edf175
STIX ID: report--c9f9fcc5-ce54-5173-b25b-777b72edf175
Feed Name: ThreatCluster
Threat Score
An anonymous researcher calling themselves “Bikini” published exploit code for more than a dozen zero‑day vulnerabilities across 15 popular open‑source projects (including the Linux kernel and Libssh2). Two vulnerabilities (CVE-2026-55200 in Libssh2 and CVE-2026-20896 in Gitea) are reported to be actively exploited, nine CVEs have been assigned, and affected projects are beginning to issue patches; the researcher claims to have used OpenAI's GPT-5.5 Codex to find the bugs.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
