Issue #16 - AppSec Weekly 🛡️ - Jan 2026
Your go-to source for the latest in application security trends, tools, and insights for the third week of January 2026!

📰 TLDR AppSec Weekly 📰
TLDR: This week's AppSec blast radius is wild. Wiz caught AWS CodeBuild leaking GitHub admin tokens through unanchored regex filters, giving attackers a path to backdoor the JavaScript SDK that powers 66% of cloud environments and the AWS Console itself. Meanwhile, Google deliberately weaponized Net-NTLMv1 by releasing rainbow tables to embarrass organizations still running the 20-year-old protocol, Neodyme showed how epoxy and NAND chips won't save your drone firmware from physical extraction, and OpenCode shipped a CVSS 10.0 auto-RCE server with zero auth that any localhost process could exploit. On the tooling front, we're seeing interactive eBPF learning platforms, graph-based code navigation for AI agents, and standardized HTTP rate-limit headers finally emerging as IETF guidance to stop retry storms before 429s hit.
🌶️ 🌶️ This Week in AppSec World 🌶️ 🌶️
Wiz discovered "CodeBreach," a misconfiguration in AWS CodeBuild that let attackers extract GitHub admin tokens from build processes and gain write access to the AWS JavaScript SDK repository—a library used by 66% of cloud environments and the AWS Console itself. The attack could have enabled pushing malicious code directly into production NPM releases, potentially compromising every AWS account globally. AWS patched the vulnerability in August 2025 within 48 hours of disclosure, with no evidence of exploitation in the wild.
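The TLDR above attributes CodeBreach to unanchored regex filters. The following is an added example (not code from Wiz or AWS) that assumes the filter is an allowlist of numeric account IDs joined with `|`; the IDs and function names are constructed for illustration. It probes three spellings of the same allowlist and counts how many look-alike IDs each one lets through.

```python
import re

TRUSTED_IDS = ["755743", "1234567"]  # constructed sample IDs, not real accounts


def build_filter(ids, anchored=True):
    """Join IDs into one alternation; the anchored form pins the whole group."""
    body = "|".join(re.escape(i) for i in ids)
    return f"^(?:{body})$" if anchored else body


def is_allowed(pattern, actor_id):
    # re.search models a filter that accepts a match anywhere in the value.
    return re.search(pattern, actor_id) is not None


def find_bypasses(pattern, ids):
    """Regression probe: IDs that merely contain a trusted ID must be rejected."""
    probes = set()
    for trusted in ids:
        for digit in "0123456789":
            probes.update({digit + trusted, trusted + digit})
    return sorted(p for p in probes - set(ids) if is_allowed(pattern, p))


WEAK = build_filter(TRUSTED_IDS, anchored=False)  # 755743|1234567
# Precedence trap: ^ binds only to the first alternative, $ only to the last.
HALF = "^755743|1234567$"
STRONG = build_filter(TRUSTED_IDS, anchored=True)  # ^(?:755743|1234567)$

if __name__ == "__main__":
    for name, pattern in (("weak", WEAK), ("half", HALF), ("strong", STRONG)):
        print(f"{name:6} {pattern:24} bypasses={len(find_bypasses(pattern, TRUSTED_IDS))}")
```

Running the same probe set against every actor or branch filter in a pipeline configuration makes a cheap CI check for this class of mistake.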
Neodyme researchers physically extracted firmware from a Potensic Atom 2 drone by desoldering the epoxy-glued NAND chip and dumping its contents via SPI, then reverse-engineered the chip's undocumented error-correcting code (ECC) layout by analyzing entropy patterns to distinguish user data from correction bytes and recover clean firmware despite random bit flips. The writeup demonstrates how commercial IoT devices ship with unencrypted firmware storage and weak physical protections, enabling full firmware extraction with moderate hardware skills—emphasizing the need for secure boot chains, encrypted storage, and hardware-backed key management when the threat model includes physical device access.
Tony Finch's article details the IETF's ongoing standardization of HTTP RateLimit headers (RateLimit-Limit, RateLimit-Remaining, RateLimit-Reset) that enable servers to proactively communicate rate-limiting quotas to clients before 429 responses occur, reducing unnecessary retry storms and enabling smarter client-side backoff strategies. From a security perspective, this standardization improves DoS mitigation and abuse prevention by giving API gateways and intermediaries explicit, machine-readable throttling signals instead of relying on ad-hoc X-RateLimit-* implementations that vary across vendors.
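A client-side sketch of the proactive backoff described above, added here as an example and not taken from the article or the IETF draft. It assumes `RateLimit-Reset` carries seconds until the quota window resets; the function names, the `max_wait` cap, and the fallback delay are hypothetical.

```python
def parse_ratelimit(headers):
    """Return (limit, remaining, reset_seconds), or None if absent or malformed."""
    lower = {k.lower(): v for k, v in headers.items()}
    try:
        values = tuple(
            # Tolerate a trailing policy such as "100, 100;w=60" on the value.
            int(lower[f"ratelimit-{name}"].split(",")[0].split(";")[0].strip())
            for name in ("limit", "remaining", "reset")
        )
    except (KeyError, ValueError):
        return None
    if any(v < 0 for v in values):
        return None
    return values


def next_delay(headers, max_wait=300.0, fallback=1.0):
    """Seconds to wait before the next request, decided before any 429 arrives."""
    parsed = parse_ratelimit(headers)
    if parsed is None:
        return fallback  # no usable signal: keep the client's default pacing
    _limit, remaining, reset = parsed
    # Cap the server-supplied value so a bad or hostile header cannot stall us.
    reset = min(float(reset), max_wait)
    if remaining == 0:
        return reset  # quota exhausted: wait out the window
    return reset / remaining  # spread the remaining quota across the window


if __name__ == "__main__":
    # Constructed sample response headers.
    sample = {"RateLimit-Limit": "100", "RateLimit-Remaining": "10", "RateLimit-Reset": "20"}
    print(next_delay(sample))
```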
Google-owned Mandiant released comprehensive Net-NTLMv1 rainbow tables on Google Cloud to deliberately lower the barrier for demonstrating the protocol's total insecurity, allowing anyone with consumer hardware under $600 to crack captured challenge-response hashes and recover Active Directory credentials in under 12 hours—a move intended to force organizations to finally disable this 20-year-deprecated protocol. Organizations still running Net-NTLMv1 face trivial credential theft via authentication coercion attacks (like PetitPotam) that can compromise domain controllers and enable full AD takeover; immediate remediation requires setting Group Policy to "Send NTLMv2 response only" and migrating legacy systems off NTLMv1.
The post demonstrates how secrets leak through shell command-line arguments (visible in /proc to all processes), shell history files, and exported environment variables that propagate to child processes, with tools like Terraform particularly risky since they spawn multiple provider processes that inherit the entire environment. Recommended mitigations include using process substitution (@<(echo ...)) to avoid writing secrets to persistent files, combining read -rs with shell variables (not exported) to prevent history leakage, and explicitly passing secrets only to commands that need them rather than polluting the environment.
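To check the three delivery paths described above on your own machine, the following added example (not from the post) spawns a stand-in tool and records where a secret becomes visible. It assumes Linux with `/proc` mounted; `DEMO_TOKEN`, the token value, and the stand-in child are constructed for illustration.

```python
import os
import subprocess
import sys

SECRET = "constructed-demo-token-1234"  # constructed sample value
# Hypothetical stand-in for a tool: waits on stdin, then reports whether
# DEMO_TOKEN reached its environment.
CHILD = "import os,sys; sys.stdin.read(); print(int('DEMO_TOKEN' in os.environ))"


def run_tool(shell_env, argv_extra=(), stdin_data=""):
    """Spawn the stand-in the way a shell would: it inherits shell_env.

    Returns (secret_in_proc_cmdline, secret_in_child_env).
    """
    proc = subprocess.Popen(
        [sys.executable, "-c", CHILD, *argv_extra],
        env=shell_env, stdin=subprocess.PIPE, stdout=subprocess.PIPE, text=True,
    )
    try:
        # By default /proc/<pid>/cmdline is readable by every local user.
        with open(f"/proc/{proc.pid}/cmdline", "rb") as fh:
            in_cmdline = SECRET.encode() in fh.read()
    finally:
        out, _ = proc.communicate(stdin_data)  # closes stdin so the child exits
    return in_cmdline, out.strip() == "1"


def compare():
    base = dict(os.environ)
    base.pop("DEMO_TOKEN", None)
    exported = dict(base, DEMO_TOKEN=SECRET)  # models `export DEMO_TOKEN=...`
    return {
        "argv": run_tool(base, argv_extra=["--token", SECRET]),
        "exported_env": run_tool(exported),
        "stdin_only": run_tool(base, stdin_data=SECRET),
    }


if __name__ == "__main__":
    for path, (in_cmdline, in_env) in compare().items():
        print(f"{path:13} visible_in_/proc_cmdline={in_cmdline} inherited_by_child={in_env}")
```

Only the stdin path keeps the value out of both the process listing and the inherited environment.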
The Svelte team disclosed five CVEs on January 14, 2026, with the most critical being a DoS vulnerability affecting SvelteKit apps that use pre-rendering without setting the ORIGIN environment variable, and an XSS flaw in Svelte 5's component hydration when handling unsanitized user input. Apps using the experimental remoteFunctions feature are also at risk of memory exhaustion attacks through specially crafted payloads. Developers should upgrade to the latest patched versions (devalue 5.6.2, svelte 5.46.4, @sveltejs/kit 2.49.5, @sveltejs/adapter-node 5.5.1) immediately.
🤖 This Week in AI Security 🤖
OpenCode (npm opencode-ai) shipped with CVE-2026-22812, a CVSS 10.0 unauthenticated RCE vulnerability where the tool auto-spawned a local HTTP server on port 4096+ with zero authentication, exposing endpoints for shell execution, PTY sessions, and file access that allowed any website (pre-CORS fix) or local process to silently run arbitrary commands as the current user. Versions before 1.1.10 were critically vulnerable with the server enabled by default and invisible to users, while post-1.1.10 the server is disabled by default but remains exploitable when manually enabled, with the --mdns flag expanding the attack surface to the entire local network.
🏆 AppSec Tools of The Week 🏆
Code-Pathfinder creator (that’s me 👋) built an MCP server exposing indexed call graphs directly to AI agents—no more grepping through files for "who calls this?" or dependency queries. Instant answers across repos/microservices boost trust and iteration speed for security engineers doing code analysis.
Nogic is a VS Code extension and upcoming standalone IDE that visualizes codebases as interactive graphs of files, symbols, and dependencies to help developers and AI agents understand architectural relationships hidden in traditional folder hierarchies, with plans for deep AI integration to provide global relational context for large-scale code analysis and modification.
eBPF.party is an interactive browser-based learning platform that lets developers write, compile, and execute eBPF (extended Berkeley Packet Filter) programs directly in their browser through hands-on exercises, eliminating the need for local kernel setup or VMs. The open-source project provides a low-friction entry point for security engineers and system programmers to experiment with kernel-level observability, network filtering, and security monitoring capabilities that eBPF enables.
And that's a wrap for this week! If you enjoy this curated issue, feel free to forward or share it with your AppSec folks, team, or hacker club. If you're interested in a guest blog post, having your blog included, sponsoring AppSec Weekly, or sharing opinions, feel free to email [email protected]