HackMyIP
← Back to News
2026-07-13 The Hacker News

ShareFile Alert, Zimbra XSS Flaw, and Jscrambler npm Attack: Weekly Recap

Supply ChainVulnerabilityAI Security

This week's threat landscape underscores a persistent imbalance: defenders and attackers now wield the same AI-assisted tooling, but only one side files remediation tickets. Progress Software issued an urgent advisory asking ShareFile customers to immediately shut down Windows servers running Storage Zone Controllers, citing a credible external security threat. The company has temporarily disabled access to affected accounts while working with internal and external security experts, though there are no confirmed indications of unauthorized access to ShareFile accounts or data. The exact nature of the threat remains undisclosed, leaving administrators in a precautionary posture with limited visibility.

Zimbra released patches for a critical stored cross-site scripting vulnerability in its Classic Web Client, where a specially crafted email could execute malicious scripts in a recipient's session. The flaw allows attackers to access mailbox contents, session data, or account settings upon opening a malicious message, though no CVE identifier has been assigned at the time of writing. Separately, the Jscrambler npm package was compromised via a stolen publishing credential, with attackers publishing multiple versions containing IronWorm, a Rust-based information stealer targeting developer secrets across Windows, macOS, and Linux. JFrog previously documented IronWorm as Linux-only; this campaign extends its reach via a three-platform CSI container, highlighting the escalating risk of supply-chain credential exposure.

Elsewhere, the gap between patch availability and active exploitation continues to narrow. Fake installers, poisoned packages, and internet-exposed systems remain routine entry points, while AI coding assistants execute instructions that were never approved by their users. Organizations are urged to audit npm dependencies, harden publicly reachable services with a port scanner to identify exposed surfaces, and confirm credential hygiene using a password checker following any suspected developer environment compromise. SANS also published a free guide mapping 10 verified AI security roles, salary ranges, and required skills, signaling where defensive hiring is accelerating in 2026. The throughline is unflattering: ordinary mistakes are simply happening faster than remediation queues can absorb them.

Source: The Hacker News →

Related Tools

Check whether this kind of story affects you — free, no signup:

My IP →IP Lookup →Privacy Checkup →

Related Guides

Learn the background behind this story:

What is my IP and why it matters →IP address security →How to stop being tracked online →