Last Week in AppSec for 12. Feb 2026
ID: e81e7715-615d-5101-b6f2-867eb4e70539
STIX ID: report--e81e7715-615d-5101-b6f2-867eb4e70539
Feed Name: Checkmarx Zero
This AppSec briefing highlights a high-risk supply-chain campaign that published malicious npm and PyPI packages targeting dYdX users (secret harvesting and a RAT); urgent vulnerabilities, including a pre-auth BeyondTrust RCE and a Docker Desktop local privilege escalation; and systemic risks from AI memory poisoning and malicious agent skills. It advises rapid triage, secret rotation, patching, and introducing guardrails for developer/CI environments.
