Supply chain

CISA adds Daemon Tools, TanStack, and Nx Console compromised versions to KEV catalog

As detailed in Security Affairs, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to address them by June 10, 2026.

The vulnerabilities include compromised versions of Daemon Tools Lite (CVE-2026-8398), TanStack npm packages (CVE-2026-45321), and the Nx Console extension (CVE-2026-48027) resulting from recent supply chain attacks. The Daemon Tools Lite vulnerability was a supply chain attack where official installers were compromised between April and May 2026, appearing legitimate due to valid code-signing certificates. The TanStack flaw involved attackers abusing GitHub Actions to publish 84 malicious package versions containing credential-stealing malware. The Nx Console issue was a malicious version briefly available on the Visual Studio Marketplace and OpenVSX.

CISA mandates that federal agencies patch these vulnerabilities to mitigate risks. Private organizations are also strongly encouraged to review the KEV catalog and remediate these issues within their own infrastructures to prevent exploitation.

Source: Security Affairs

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds