Linux Kernel “Kill Switch”, npm Supply Chain Attack Hits TanStack and Mistral AI, Windows 11 BitUnlocker Cracks Disks in 5 Min
TLDR: Linux kernel maintainers are floating a controversial “kill switch” feature to disable vulnerable functions while patches are pending, splitting the infosec community.
A mass npm supply chain campaign published 400+ malicious versions across 170+ packages, sweeping in TanStack and Mistral AI dependencies.
A newly disclosed BitUnlocker downgrade attack on Windows 11 can unlock encrypted disks in roughly five minutes.
Full stories below…
Join us on BlueSky
🦋 Get live updates from PWN on BlueSky by following @pwnhackers.bsky.social
Got something worth sharing?
PWN is a community for hackers and security enthusiasts.
We feature the best posts in this newsletter and we’re looking for news stories, writeups, tools, tutorials, discussion threads, and questions that spark real conversation.
We are accepting submissions for: News stories; Tutorials/write-ups; Tools you built or found useful; Discussion threads; or Questions that spark good conversation.
Create a post, and you could be featured in the next email!
Our community is growing fast, with 935,000 views a month, 32,000 members, and 200+ new people joining daily. Drop a post and you might be featured.
Linux Kernel “Kill Switch” Sparks Heated Debate Among Security Experts
Linux maintainers are floating a controversial idea to disable vulnerable kernel functions on demand.
Co-maintainer Sasha Levin has proposed a privileged-user kill switch that would temporarily shut off vulnerable kernel functions while patches are pending. The proposal gained traction after recent high-severity flaws like Copy Fail and Dirty Frag.
Critics worry the feature could become a crutch that replaces proper patching, leaving systems exposed for longer and creating fresh operational risks when functions are disabled without understanding their downstream service impact.
Mass npm Supply Chain Attack Hits TanStack, Mistral AI, and 170+ Packages
A massive npm supply chain campaign just swept some of the biggest names in AI tooling.
Attackers published more than 400 malicious versions across 170+ packages, including those tied to TanStack and Mistral AI. Notably, no maintainer accounts were compromised, suggesting the attackers found another route in.
Reports point to abuse of GitHub Actions cache poisoning and trusted publishing workflows, letting malicious packages appear legitimately built. Exposed credentials likely include GitHub, cloud, and CI/CD tokens.
New BitUnlocker Downgrade Attack on Windows 11 Exposes Encrypted Disks
Researchers have shown that encrypted Windows 11 drives can be cracked open in roughly five minutes.
The BitUnlocker downgrade attack exploits a flaw in the Windows 11 encryption tool, letting attackers roll back the software and bypass security checks to reach data on encrypted disks.
Because the attack is fast and targets a widely deployed encryption layer, organizations relying on BitUnlocker should reassess their disk protection posture and watch for forthcoming mitigation guidance.
Join PWN on Reddit
PWN is where security people go to stay ahead.
Breach reports, exploits, vendor advisories, and the kind of conversations that make you better at your job, all in one feed.
We’re 32,000+ hackers and cybersecurity enthusiasts strong, with 935,000 monthly views and 200+ new members every day.
You’ll be in the same threads as journalists from Wired Magazine, Electronic Frontier Foundation, 404 Media, Fast Company, and The Guardian breaking the stories firsthand, plus security teams from vendors like Proton, Intigriti, and Hudson Rock sharing research and answering questions directly.
Why join:
Know what’s hitting before it hits you. Get the breach reports, exploits, and vendor advisories early so you can act before they become your problem.
Get sharper, not just busier. Skip the noise and learn from people actually doing the work, on the AI exploits, new defenses, and techniques that move your skills forward.
Make the career move you’ve been planning. Whether it’s your first paycheck in security or your jump from IT into offensive work, you’ll find members who’ve made it and are happy to help you do the same.
Be the person at work who already knows. Walk into Monday meetings ahead of the ransomware incidents and zero-days landing on your team’s radar, and earn the trust that comes with it.
Find your people. Trade ideas with hackers and pros who’ll actually answer your questions, in a community that stays high quality because the bots and noise get cleaned up.