Threat Intelligence Brief - Saturday, July 11, 2026

Operational threat reporting for defenders who need signal, not noise.

By DevSecOpsDad

Threat Radar

  • Progress ShareFile Storage Zone Controllers are under active attack — Progress Software has ordered customers to immediately shut down Windows-based Storage Zone Controllers and has disabled affected accounts, signaling a high-severity, in-progress threat.

  • Injective Labs npm supply chain compromise is confirmed active — Malicious package @injectivelabs/sdk-ts@1.20.21 was published via a compromised GitHub repository and is actively stealing cryptocurrency wallet private keys and mnemonic seed phrases from downstream users.

  • Zimbra Classic Web Client carries a critical stored XSS enabling code execution — Specially crafted emails can execute arbitrary code in victim sessions; patches are available and exploitation status is unconfirmed, but the attack surface is broad.

  • Ghostcommit demonstrates weaponized AI code review pipelines — Prompt injection hidden in PNG images successfully bypassed CodeRabbit and Bugbot, then manipulated coding agents into exfiltrating .env secrets from repositories.

  • Healthcare sector attack volume more than doubled in H1 2026 — Attackers are shifting focus toward healthcare service providers and business associates, not just hospitals, broadening risk across the ecosystem.



Immediate Action Required

  • Progress ShareFile — Shut down Storage Zone Controllers now. If your organization runs self-hosted ShareFile Storage Zone Controllers on Windows, take them offline immediately per Progress Software’s directive. Progress has confirmed a credible external threat and has proactively disabled affected accounts. Confirm with IT operations that shutdown is complete and monitor for vendor guidance on remediation and restoration timelines. T1195.001 adjacent; Windows platform.

  • Injective Labs npm — Audit dependency trees for @injectivelabs/sdk-ts@1.20.21. Any development or CI/CD environment that pulled this package version should be treated as compromised. Rotate all cryptocurrency wallet credentials, private keys, and mnemonic seed phrases accessible from affected systems. Remove the malicious version and pin to a verified clean release. T1195.001, T1528; npm.



High-Impact Developments

Progress ShareFile Storage Zone Controllers Under Active Threat

  • What happened: Progress Software issued an emergency directive ordering all ShareFile customers running self-hosted Windows Storage Zone Controllers to shut them down immediately. Progress confirmed a “credible external security threat” and temporarily disabled access to affected accounts as a containment measure.

  • Why it matters: A vendor-mandated emergency shutdown is a rare and serious signal. It indicates Progress has visibility into active exploitation or imminent risk severe enough to accept the operational disruption of disabling customer accounts. The threat has not been publicly characterized, which limits defensive scoping but does not reduce urgency.

  • Who should care: Enterprise security leaders, IT operations teams, and vulnerability management leads at any organization running self-hosted ShareFile Storage Zone Controllers on Windows.

  • Recommended action: Shut down Storage Zone Controllers immediately if not already done. Preserve logs from affected systems before shutdown for forensic review. Engage Progress Software support for incident status and restoration criteria. Assess whether data stored in affected zones may have been accessed.

  • Confidence: High — vendor-confirmed active threat with direct customer communication.

  • Search metadata: ShareFile, ShareFile Storage Zone Controller, Progress Software, Windows

Intelligence Context



Injective Labs GitHub Compromise Delivers Wallet-Key-Stealing npm Package

  • What happened: Unknown threat actors compromised the Injective Labs SDK GitHub repository and used it to publish a malicious version of @injectivelabs/sdk-ts (version 1.20.21) to the npm registry. The package steals cryptocurrency wallet private keys and mnemonic seed phrases from any downstream user or application that installed it.

  • Why it matters: This is a confirmed, active supply chain attack. Compromise of a trusted upstream repository and registry package creates broad downstream exposure — any developer, CI/CD pipeline, or application that pulled this specific version is at risk of credential theft. The cryptocurrency focus indicates financial motivation with immediate loss potential.

  • Who should care: Security and development leaders at cryptocurrency organizations, fintech firms, and any software team consuming @injectivelabs/sdk-ts or related Injective Labs packages.

  • Recommended action: Immediately audit all dependency manifests and lock files for @injectivelabs/sdk-ts@1.20.21. Treat any environment that installed this version as compromised. Rotate all wallet private keys, seed phrases, and any other secrets accessible from affected build environments. Verify the integrity of adjacent package versions and monitor npm for further malicious releases from this namespace.

  • Confidence: High — exploitation confirmed, malicious package identified by version.

  • Search metadata: T1195.001, T1528, @injectivelabs/sdk-ts, Injective Labs SDK, npm, GitHub compromise, supply chain attack, credential theft

Intelligence Context



Critical Zimbra Stored XSS Enables Arbitrary Code Execution via Email

  • What happened: A critical stored cross-site scripting vulnerability in the Zimbra Classic Web Client allows an attacker to send a specially crafted email that executes arbitrary code within the recipient’s active browser session. Zimbra has released patches and is urging immediate application.

  • Why it matters: Email-delivered code execution via stored XSS is a high-value attack path requiring no user interaction beyond opening the message. Zimbra is widely deployed in government, education, and enterprise environments that are historically targeted by nation-state and criminal actors.

  • Who should care: Vulnerability management leads and security architects at organizations running Zimbra Classic Web Client. Email security and SOC teams should be aware of the attack vector.

  • Recommended action: Apply Zimbra security updates immediately. Prioritize internet-facing deployments. Exploitation is currently unconfirmed, but the attack vector is trivial to weaponize once a proof-of-concept circulates.

  • Confidence: High — vendor-confirmed critical vulnerability with patches available; exploitation status unknown.

  • Search metadata: T1190, T1059, Zimbra, Zimbra Classic Web Client, stored XSS, cross-site scripting, code execution

Intelligence Context



Ghostcommit: Prompt Injection in Images Weaponizes AI Code Review Agents

  • What happened: Researchers demonstrated a technique called Ghostcommit that embeds prompt injection payloads inside PNG image files. When submitted to repositories using AI code review tools — specifically CodeRabbit and Bugbot — the injected instructions bypass the reviewers, which do not inspect image content, and manipulate downstream coding agents into reading .env files and exfiltrating all contained secrets.

  • Why it matters: This attack exploits the trust placed in AI-assisted development workflows. The technique is confirmed to work against two widely used AI code review platforms and requires no vulnerability in the underlying code — only an AI agent with repository access and insufficient input validation. As AI coding agents gain broader permissions, this attack surface grows with them.

  • Who should care: Security architects and development leads at organizations using AI code review or coding agent tools with access to repositories containing secrets. AppSec and supply chain security teams should assess agent permission scopes now.

  • Recommended action: Audit permissions granted to AI coding agents — particularly read access to .env files and other secret stores. Enforce secrets management practices that keep credentials out of repository files entirely, using vault-based injection at runtime. Review AI tool configurations for any capability to act on instructions embedded in non-code assets. Engage CodeRabbit and Bugbot directly for their remediation posture.

  • Confidence: High — technique demonstrated by researchers with confirmed bypass of named products.

  • Search metadata: T1566.001, T1187, Ghostcommit, prompt injection, CodeRabbit, Bugbot, AI agents, credential theft

Intelligence Context



Monitor Only



Analyst Observation

Today’s brief reflects a threat environment where the software supply chain and AI-assisted development pipelines are being actively exploited — not theorized about. The Injective Labs compromise and the Ghostcommit technique are not future risks; they are operational attack paths in use now. The ShareFile situation is the most operationally disruptive item: a vendor-mandated shutdown with no public technical disclosure is a pattern that has preceded significant vulnerability disclosures before — see MOVEit and GoAnywhere. Security teams should not wait for Progress to publish details before acting. The convergence of supply chain attacks, AI agent manipulation, and a critical email platform flaw in a single day’s reporting is a reminder that defenders are managing multiple simultaneous fronts. Prioritization discipline is the only way to hold the line.





Generated by DevSecOpsDadAttack cyber threat intelligence.

Share: X (Twitter) LinkedIn