Full writeup of the AITU CTF Final (April 25-26, 2026), a HackCity-format competition. We walk through exploiting DMZ hosts via XXE, SSTI, and SQLi, pivoting into the DEV segment through AD lateral movement, escaping a privileged Docker container via cgroup abuse, and breaching a healthcare system through JWT JKU header injection.
On April 22, 2026, the official @bitwarden/cli@2026.4.0 npm package was malicious for ~90 minutes. A self-propagating worm exfiltrated AWS, Azure, GCP, GitHub, npm, SSH, and AI tooling credentials from CI runners. Vaults stayed safe. CI tokens did not. Timeline, NHI kill-chain mapping, and a 10-minute checklist to know whether you were affected.
Vercel confirmed an unauthorized-access incident on April 19, 2026 that started in a third-party AI tool, pivoted through Google Workspace, and reached environment variables in a subset of customer projects. The exposure surface is every env var that was not marked sensitive. Here is what is confirmed, what is noise, and what to rotate first.
A single AWS key, never rotated for 3 years, spread across 7 systems. When a supply chain attack hit a Terraform CI plugin, the key gave attackers full infrastructure access. Inside the Aged Key kill chain and how to defend against long-lived credentials.
Aqua Security's Trivy was compromised by TeamPCP, cascading into LiteLLM. A 7-phase Cyber Kill Chain and MITRE ATT&CK analysis of how incomplete credential rotation turned a single breach into a five-ecosystem catastrophe.
A prompt injection in a GitHub Issue title hijacked Cline's AI triage bot, stole npm tokens, and silently installed a rogue AI agent on 4,000 developer machines. The era of AI-installing-AI supply chain attacks has arrived.
Attackers exploited a GitHub Actions vulnerability to compromise the Nx package. Analysis of the attack chain, who was affected, and how to detect similar threats.