Critical Vulnerabilities in Claude AI Plugin, Azure Priv‑Escalation, and Kali365 MFA Bypass Highlight Growing Supply‑Chain Threat Landscape
What Happened — A ThreatsDay bulletin reported four high‑impact findings: a remote‑code execution flaw in the Claude AI security plugin, an Azure privilege‑escalation misconfiguration, a bypass of Kali365’s multi‑factor authentication, and a wave of FIFA‑branded phishing scams. Each issue enables attackers to move from limited footholds to full‑account compromise across cloud and AI services.
Why It Matters for TPRM —
- Supply‑chain components (AI plugins, cloud management tools) can become attack vectors for downstream customers.
- Privilege‑escalation in Azure threatens the confidentiality of data stored in SaaS and IaaS environments.
- MFA bypass techniques erode the effectiveness of a core security control relied upon by most vendors.
Who Is Affected — Cloud service providers, AI‑tool vendors, enterprise SaaS platforms, and end‑users of gaming‑related services.
Recommended Actions — Review contracts for AI‑plugin usage, validate Azure configuration baselines, enforce MFA hardening (hardware tokens, risk‑based authentication), and update phishing awareness training to include recent FIFA scam templates.
Technical Notes —
- Claude Plugin: CVE‑2026‑0012, RCE via unsanitized JSON payloads.
- Azure: Misconfigured role‑based access control allowing “Owner” rights to low‑privilege service principals.
- Kali365: Logic flaw in time‑based OTP verification that can be replayed.
- FIFA Scams: Phishing sites leveraging compromised domains to harvest credentials.