Incident CVE-2026-LGTM

Vulnerability Disclosure, Incident Report, Security Breach(nesbitt.io)view on HackerNews

foxhole-lz4CVE-2026-LGTMAI-powered securityvulnerability disclosuresecurity breachcredential exfiltration

Author: mooreds

Date: 6/26/2026

Article Summary:

A malicious package, foxhole-lz4, was able to evade detection by multiple AI-powered security gates and cause a security breach, leading to the exfiltration of registry tokens.