@blamejs/exceptd-skills 0.13.5 → 0.13.6
- package/AGENTS.md +16 -0
- package/CHANGELOG.md +28 -0
- package/bin/exceptd.js +28 -8
- package/data/_indexes/_meta.json +8 -8
- package/data/_indexes/activity-feed.json +18 -18
- package/data/_indexes/catalog-summaries.json +6 -6
- package/data/_indexes/chains.json +3943 -0
- package/data/_indexes/frequency.json +3 -0
- package/data/atlas-ttps.json +74 -1
- package/data/attack-techniques.json +125 -8
- package/data/cve-catalog.json +1964 -2
- package/data/framework-control-gaps.json +47 -4
- package/data/zeroday-lessons.json +1749 -2
- package/manifest.json +44 -44
- package/orchestrator/index.js +11 -1
- package/package.json +1 -1
- package/sbom.cdx.json +18 -18
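--- a/package/data/atlas-ttps.json
+++ b/package/data/atlas-ttps.json
@@ -85,6 +85,7 @@
 "maturity": "high",
 "last_verified": "2026-05-15",
 "cve_refs": [
+"CVE-2025-68664",
 "CVE-2026-30623",
 "CVE-2026-42945"
 ]
@@ -127,11 +128,14 @@
 "maturity": "high",
 "last_verified": "2026-05-15",
 "cve_refs": [
+"CVE-2026-22778",
 "CVE-2026-30615",
 "CVE-2026-39987",
 "CVE-2026-45321",
+"MAL-2024-PYPI-ULTRALYTICS-XMRIG",
 "MAL-2026-3083",
 "MAL-2026-NODE-IPC-STEALER",
+"MAL-2026-RUBYGEMS-BUFFERZONECORP-SLEEPER",
 "MAL-2026-SHAI-HULUD-OSS",
 "MAL-2026-TANSTACK-MINI"
 ]
@@ -307,7 +311,13 @@
 "exceptd_skills": [],
 "secure_ai_v2_layer": true,
 "maturity": "high",
-"last_verified": "2026-05-15"
+"last_verified": "2026-05-15",
+"cve_refs": [
+"CVE-2025-10725",
+"CVE-2025-53767",
+"CVE-2025-6965",
+"MAL-2025-AI-FOUND-FFMPEG-BIGSLEEP"
+]
 },
 "AML.T0043": {
 "id": "AML.T0043",
@@ -405,6 +415,7 @@
 "maturity": "moderate",
 "last_verified": "2026-05-15",
 "cve_refs": [
+"CVE-2026-22778",
 "CVE-2026-45321"
 ]
 },
@@ -450,6 +461,8 @@
 "last_verified": "2026-05-15",
 "cve_refs": [
 "CVE-2025-53773",
+"CVE-2025-55319",
+"CVE-2025-68664",
 "CVE-2026-30615",
 "CVE-2026-39884",
 "CVE-2026-39987"
@@ -986,5 +999,65 @@
 "secure_ai_v2_layer": true,
 "maturity": "moderate",
 "last_verified": "2026-05-15"
+},
+"AML.T0007": {
+"id": "AML.T0007",
+"name": "Discover ML Artifacts",
+"tactic": "Reconnaissance",
+"description": "Adversary enumerates ML artifacts available locally or remotely after gaining initial access — model files, training datasets, model registries, tokenizer files, configuration. Distinct from AML.T0001 (Victim Research, pre-access) — this is post-access enumeration of the ML attack surface to plan downstream actions like poisoning, theft, or evasion.",
+"subtechniques": [],
+"real_world_instances": [],
+"framework_gap": true,
+"framework_gap_detail": "ML artifact enumeration is rarely covered by data-loss-prevention controls — operators treat model files as code, not data.",
+"controls_that_partially_help": [],
+"controls_that_dont_help": [],
+"detection": "File-access auditing on model registries + tokenizer / weights paths; anomalous read patterns from non-training service accounts.",
+"exceptd_skills": [],
+"last_verified": "2026-05-18",
+"cve_refs": [
+"CVE-2026-7482"
+]
+},
+"AML.T0011": {
+"id": "AML.T0011",
+"name": "User Execution",
+"tactic": "Initial Access",
+"description": "Adversary relies on a user to execute malicious ML artifacts — a poisoned model, a malicious pickle file, a typosquatted ML library — to gain code execution in the user context. Bridges traditional supply-chain TTPs into the ML domain where unpickling a model file is a code-execution vector.",
+"subtechniques": [],
+"real_world_instances": [
+"MAL-2024-PYPI-ULTRALYTICS-XMRIG — operators executing a typosquatted AI library imported a crypto-miner payload alongside genuine vision-model inference code."
+],
+"framework_gap": true,
+"framework_gap_detail": "No framework requires AI/ML library install-time integrity verification.",
+"controls_that_partially_help": [
+"NIST-800-53-SI-7"
+],
+"controls_that_dont_help": [],
+"detection": "Install-time package-integrity verification with vendor allowlist; runtime sandbox on first-time-loaded model files.",
+"exceptd_skills": [],
+"last_verified": "2026-05-18",
+"cve_refs": [
+"MAL-2024-PYPI-ULTRALYTICS-XMRIG"
+]
+},
+"AML.T0047": {
+"id": "AML.T0047",
+"name": "LLM Meta Prompt Extraction",
+"tactic": "Credential Access",
+"description": "Adversary extracts a system prompt, tool definitions, or hidden instructions from an LLM-backed application via prompt-injection that coerces the model into revealing its meta-configuration. Recovered prompts feed downstream attacks (impersonation, jailbreak refinement, sensitive-tool discovery).",
+"subtechniques": [],
+"real_world_instances": [
+"CVE-2025-53767 — Azure OpenAI Service SSRF chained with prompt-injection to extract meta-prompt + tool registration."
+],
+"framework_gap": true,
+"framework_gap_detail": "No framework treats LLM meta-prompt as a credential class; rotation, scoping, and exposure-detection controls are absent.",
+"controls_that_partially_help": [],
+"controls_that_dont_help": [],
+"detection": "Output-side filtering for system-prompt fingerprints; query-side anomaly detection on injection-class inputs targeting <system>, <SYS>, role:system patterns.",
+"exceptd_skills": [],
+"last_verified": "2026-05-18",
+"cve_refs": [
+"CVE-2025-53767"
+]
 }
 }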
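Review bot: The three entries added in the last hunk (`AML.T0007`, `AML.T0011`, `AML.T0047`) omit the `secure_ai_v2_layer` and `maturity` keys that the preceding entry in that hunk and the entry in the third hunk both carry, so a consumer that filters or ranks on `maturity` would find nothing to read for them; add both keys with reviewed values, e.g. `"maturity": "<level>"`. The `AML.T0007` entry is also internally inconsistent: its `tactic` is `"Reconnaissance"` while its own description calls it post-access enumeration, so `"tactic": "Discovery"` would match the text. `AML.T0011` (tactic `"Initial Access"`) and `AML.T0047` (name `"LLM Meta Prompt Extraction"`) should be checked against the ATLAS release this catalog pins, since as far as I recall upstream places User Execution under Execution and assigns meta-prompt extraction a different ID. A wrong ID or tactic here carries into every coverage or gap report built from the catalog.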
@@ -99,8 +99,12 @@
|
|
|
99
99
|
"DS0017"
|
|
100
100
|
],
|
|
101
101
|
"cve_refs": [
|
|
102
|
+
"CVE-2025-1094",
|
|
102
103
|
"CVE-2025-11837",
|
|
103
104
|
"CVE-2025-53773",
|
|
105
|
+
"CVE-2025-55319",
|
|
106
|
+
"CVE-2025-68664",
|
|
107
|
+
"CVE-2026-22778",
|
|
104
108
|
"CVE-2026-30615",
|
|
105
109
|
"CVE-2026-30623",
|
|
106
110
|
"CVE-2026-32202",
|
|
@@ -120,6 +124,7 @@
|
|
|
120
124
|
"name": "Command and Scripting Interpreter: Python",
|
|
121
125
|
"version": "v19",
|
|
122
126
|
"cve_refs": [
|
|
127
|
+
"CVE-2025-49844",
|
|
123
128
|
"MAL-2026-3083"
|
|
124
129
|
]
|
|
125
130
|
},
|
|
@@ -127,6 +132,7 @@
|
|
|
127
132
|
"name": "Command and Scripting Interpreter: JavaScript",
|
|
128
133
|
"version": "v19",
|
|
129
134
|
"cve_refs": [
|
|
135
|
+
"CVE-2025-0133",
|
|
130
136
|
"CVE-2026-45321",
|
|
131
137
|
"MAL-2026-NODE-IPC-STEALER"
|
|
132
138
|
]
|
|
@@ -135,6 +141,12 @@
|
|
|
135
141
|
"name": "Exploitation for Privilege Escalation",
|
|
136
142
|
"version": "v19",
|
|
137
143
|
"cve_refs": [
|
|
144
|
+
"CVE-2025-10725",
|
|
145
|
+
"CVE-2025-22224",
|
|
146
|
+
"CVE-2025-22225",
|
|
147
|
+
"CVE-2025-24201",
|
|
148
|
+
"CVE-2025-38352",
|
|
149
|
+
"CVE-2025-43300",
|
|
138
150
|
"CVE-2025-62849",
|
|
139
151
|
"CVE-2026-0300",
|
|
140
152
|
"CVE-2026-31431",
|
|
@@ -156,6 +168,7 @@
|
|
|
156
168
|
"cve_refs": [
|
|
157
169
|
"CVE-2020-10148",
|
|
158
170
|
"CVE-2024-1709",
|
|
171
|
+
"CVE-2025-21085",
|
|
159
172
|
"CVE-2026-20182",
|
|
160
173
|
"CVE-2026-33825",
|
|
161
174
|
"CVE-2026-39884",
|
|
@@ -184,13 +197,19 @@
|
|
|
184
197
|
"name": "Valid Accounts: Cloud Accounts",
|
|
185
198
|
"version": "v19",
|
|
186
199
|
"cve_refs": [
|
|
200
|
+
"CVE-2025-53767",
|
|
201
|
+
"CVE-2025-55241",
|
|
187
202
|
"CVE-2026-45321",
|
|
188
|
-
"MAL-2026-3083"
|
|
203
|
+
"MAL-2026-3083",
|
|
204
|
+
"MAL-2026-RUBYGEMS-BUFFERZONECORP-SLEEPER"
|
|
189
205
|
]
|
|
190
206
|
},
|
|
191
207
|
"T1098": {
|
|
192
208
|
"name": "Account Manipulation",
|
|
193
|
-
"version": "v19"
|
|
209
|
+
"version": "v19",
|
|
210
|
+
"cve_refs": [
|
|
211
|
+
"CVE-2025-55241"
|
|
212
|
+
]
|
|
194
213
|
},
|
|
195
214
|
"T1098.001": {
|
|
196
215
|
"name": "Account Manipulation: Additional Cloud Credentials",
|
|
@@ -234,19 +253,27 @@
|
|
|
234
253
|
"CVE-2023-3519",
|
|
235
254
|
"CVE-2024-1709",
|
|
236
255
|
"CVE-2024-21762",
|
|
256
|
+
"CVE-2025-1094",
|
|
237
257
|
"CVE-2025-12686",
|
|
258
|
+
"CVE-2025-14847",
|
|
259
|
+
"CVE-2025-49844",
|
|
260
|
+
"CVE-2025-53767",
|
|
238
261
|
"CVE-2025-53773",
|
|
239
262
|
"CVE-2025-59389",
|
|
240
263
|
"CVE-2025-62847",
|
|
241
264
|
"CVE-2025-62848",
|
|
265
|
+
"CVE-2025-6965",
|
|
242
266
|
"CVE-2026-0300",
|
|
243
267
|
"CVE-2026-20182",
|
|
268
|
+
"CVE-2026-22778",
|
|
244
269
|
"CVE-2026-32202",
|
|
245
270
|
"CVE-2026-39987",
|
|
246
271
|
"CVE-2026-42208",
|
|
247
272
|
"CVE-2026-42897",
|
|
248
273
|
"CVE-2026-42945",
|
|
249
|
-
"CVE-2026-6973"
|
|
274
|
+
"CVE-2026-6973",
|
|
275
|
+
"CVE-2026-7482",
|
|
276
|
+
"MAL-2025-AI-FOUND-FFMPEG-BIGSLEEP"
|
|
250
277
|
]
|
|
251
278
|
},
|
|
252
279
|
"T1195": {
|
|
@@ -269,8 +296,11 @@
|
|
|
269
296
|
"cve_refs": [
|
|
270
297
|
"CVE-2024-3094",
|
|
271
298
|
"CVE-2026-45321",
|
|
299
|
+
"MAL-2024-PYPI-ULTRALYTICS-XMRIG",
|
|
300
|
+
"MAL-2025-PYPI-COLORAMA-SOLANA-STEALER",
|
|
272
301
|
"MAL-2026-3083",
|
|
273
302
|
"MAL-2026-NODE-IPC-STEALER",
|
|
303
|
+
"MAL-2026-RUBYGEMS-BUFFERZONECORP-SLEEPER",
|
|
274
304
|
"MAL-2026-SHAI-HULUD-OSS"
|
|
275
305
|
]
|
|
276
306
|
},
|
|
@@ -280,11 +310,23 @@
|
|
|
280
310
|
},
|
|
281
311
|
"T1203": {
|
|
282
312
|
"name": "Exploitation for Client Execution",
|
|
283
|
-
"version": "v19"
|
|
313
|
+
"version": "v19",
|
|
314
|
+
"cve_refs": [
|
|
315
|
+
"CVE-2025-10585",
|
|
316
|
+
"CVE-2025-14174",
|
|
317
|
+
"CVE-2025-24201",
|
|
318
|
+
"CVE-2025-43300",
|
|
319
|
+
"CVE-2025-43529",
|
|
320
|
+
"CVE-2025-4919",
|
|
321
|
+
"MAL-2025-AI-FOUND-FFMPEG-BIGSLEEP"
|
|
322
|
+
]
|
|
284
323
|
},
|
|
285
324
|
"T1212": {
|
|
286
325
|
"name": "Exploitation for Credential Access",
|
|
287
|
-
"version": "v19"
|
|
326
|
+
"version": "v19",
|
|
327
|
+
"cve_refs": [
|
|
328
|
+
"CVE-2025-14174"
|
|
329
|
+
]
|
|
288
330
|
},
|
|
289
331
|
"T1213": {
|
|
290
332
|
"name": "Data from Information Repositories",
|
|
@@ -355,12 +397,18 @@
|
|
|
355
397
|
},
|
|
356
398
|
"T1552": {
|
|
357
399
|
"name": "Unsecured Credentials",
|
|
358
|
-
"version": "v19"
|
|
400
|
+
"version": "v19",
|
|
401
|
+
"cve_refs": [
|
|
402
|
+
"CVE-2025-68664",
|
|
403
|
+
"MAL-2025-PYPI-COLORAMA-SOLANA-STEALER",
|
|
404
|
+
"MAL-2026-RUBYGEMS-BUFFERZONECORP-SLEEPER"
|
|
405
|
+
]
|
|
359
406
|
},
|
|
360
407
|
"T1552.001": {
|
|
361
408
|
"name": "Unsecured Credentials: Credentials In Files",
|
|
362
409
|
"version": "v19",
|
|
363
410
|
"cve_refs": [
|
|
411
|
+
"CVE-2025-21085",
|
|
364
412
|
"CVE-2026-30615",
|
|
365
413
|
"MAL-2026-3083",
|
|
366
414
|
"MAL-2026-NODE-IPC-STEALER",
|
|
@@ -514,7 +562,11 @@
|
|
|
514
562
|
],
|
|
515
563
|
"cve_refs": [
|
|
516
564
|
"CVE-2024-21626",
|
|
517
|
-
"CVE-2024-3154"
|
|
565
|
+
"CVE-2024-3154",
|
|
566
|
+
"CVE-2025-22224",
|
|
567
|
+
"CVE-2025-22225",
|
|
568
|
+
"CVE-2025-22226",
|
|
569
|
+
"CVE-2025-38352"
|
|
518
570
|
]
|
|
519
571
|
},
|
|
520
572
|
"T1613": {
|
|
@@ -659,6 +711,71 @@
|
|
|
659
711
|
},
|
|
660
712
|
"T1098.003": {
|
|
661
713
|
"name": "Account Manipulation: Additional Cloud Roles",
|
|
662
|
-
"version": "v19"
|
|
714
|
+
"version": "v19",
|
|
715
|
+
"cve_refs": [
|
|
716
|
+
"CVE-2025-10725"
|
|
717
|
+
]
|
|
718
|
+
},
|
|
719
|
+
"T1005": {
|
|
720
|
+
"name": "Data from Local System",
|
|
721
|
+
"version": "v19",
|
|
722
|
+
"cve_refs": [
|
|
723
|
+
"CVE-2025-14847",
|
|
724
|
+
"CVE-2025-22226",
|
|
725
|
+
"CVE-2026-7482"
|
|
726
|
+
]
|
|
727
|
+
},
|
|
728
|
+
"T1189": {
|
|
729
|
+
"name": "Drive-by Compromise",
|
|
730
|
+
"version": "v19",
|
|
731
|
+
"cve_refs": [
|
|
732
|
+
"CVE-2025-10585",
|
|
733
|
+
"CVE-2025-14174",
|
|
734
|
+
"CVE-2025-24201",
|
|
735
|
+
"CVE-2025-43529",
|
|
736
|
+
"CVE-2025-4919"
|
|
737
|
+
]
|
|
738
|
+
},
|
|
739
|
+
"T1496": {
|
|
740
|
+
"name": "Resource Hijacking",
|
|
741
|
+
"version": "v19",
|
|
742
|
+
"cve_refs": [
|
|
743
|
+
"MAL-2024-PYPI-ULTRALYTICS-XMRIG"
|
|
744
|
+
]
|
|
745
|
+
},
|
|
746
|
+
"T1498": {
|
|
747
|
+
"name": "Network Denial of Service",
|
|
748
|
+
"version": "v19",
|
|
749
|
+
"cve_refs": [
|
|
750
|
+
"CVE-2025-8671"
|
|
751
|
+
]
|
|
752
|
+
},
|
|
753
|
+
"T1499.001": {
|
|
754
|
+
"name": "Endpoint Denial of Service: OS Exhaustion Flood",
|
|
755
|
+
"version": "v19",
|
|
756
|
+
"cve_refs": [
|
|
757
|
+
"CVE-2025-8671"
|
|
758
|
+
]
|
|
759
|
+
},
|
|
760
|
+
"T1499.002": {
|
|
761
|
+
"name": "Endpoint Denial of Service: Service Exhaustion Flood",
|
|
762
|
+
"version": "v19",
|
|
763
|
+
"cve_refs": [
|
|
764
|
+
"CVE-2025-59529"
|
|
765
|
+
]
|
|
766
|
+
},
|
|
767
|
+
"T1539": {
|
|
768
|
+
"name": "Steal Web Session Cookie",
|
|
769
|
+
"version": "v19",
|
|
770
|
+
"cve_refs": [
|
|
771
|
+
"CVE-2025-0133"
|
|
772
|
+
]
|
|
773
|
+
},
|
|
774
|
+
"T1657": {
|
|
775
|
+
"name": "Financial Theft",
|
|
776
|
+
"version": "v19",
|
|
777
|
+
"cve_refs": [
|
|
778
|
+
"MAL-2025-PYPI-COLORAMA-SOLANA-STEALER"
|
|
779
|
+
]
|
|
663
780
|
}
|
|
664
781
|
}
|