In the rapidly evolving world of cyberattacks, it is essential to stay informed about the latest threat trends and take countermeasures. In particular, new attack methods and vulnerabilities that may target Japanese companies in the near future, although not yet widely recognized in Japan, are being reported one after another. In this article, we have selected four threats of particular importance to Japanese companies from security news published in the past seven days and will explain their overview and countermeasures.

1. Axios npm package supply chain attack (involving North Korean actors)

Malicious versions (1.14.1 and 0.30.4) of the popular JavaScript HTTP client "Axios" (over 100 million weekly downloads) have been released. Maintainer accounts have been hijacked, a fake dependency (plain-crypto-js@4.2.1) has been injected into package.json, and a cross-platform Remote Access Trojan (RAT) is deployed during installation. It targets macOS/Windows/Linux and operates without leaving a trace.

Impact on Japanese companies : This attack is widely used in manufacturing and IT companies that heavily utilize web development and Node.js environments, and directly targets the supply chain of developers.

2. Fake browser extensions disguised as AI assistants

Taking advantage of the popularity of generative AIs like ChatGPT and Gemini, a large number of malicious extensions with names such as "AI Assistant" and "Gemini AI Sidebar" are being distributed on the Chrome Web Store and other platforms. These extensions collect LLM chat history, browser data, emails, and more, and have been detected in over 20,000 corporate tenants.

Impact on Japanese companies : In Japanese companies, where the use of browser extensions is active due to the increase in remote work, these extensions are easily adopted as tools to improve work efficiency, which increases the risk of leakage of intellectual property and confidential information.

Countermeasures : Restrict extension installation through policies (only allow corporate-managed installations). Verify permissions before installation (especially read/write permissions), and conduct regular reviews. Enable detection with Microsoft Defender or similar tools.

3. Cisco IMC Authentication Bypass Vulnerability (CVE-2026-20093)

A critical vulnerability (CVSS 9.8) has been discovered and fixed in Cisco Integrated Management Controller (IMC), allowing an unauthenticated remote attacker to exploit the password change function to bypass authentication and gain administrator privileges. The vulnerability allows for changing any user's password with a single HTTP POST request.

Impact on Japanese companies : IMC is used by manufacturing companies and data center operators that handle a large amount of servers and network equipment, and this could lead to a takeover at the infrastructure level.

Countermeasures : Immediately apply the Cisco-provided patch. Minimize external exposure to the IMC (restrict it with VPN/firewall), implement a strong password policy and multi-factor authentication (MFA), and enhance log monitoring.

4. Sandbox escape vulnerability in Cohere AI Terrarium Sandbox (CVE-2026-5752)

A vulnerability (CVSS 9.3) has been reported in Terrarium, a Python-based sandbox environment developed by Cohere AI, which allows for arbitrary code execution with root privileges on the host process through JavaScript prototype chain manipulation. There is a risk of container escape in LLM-generated code execution environments.

Impact on Japanese companies : As more companies adopt code generation and execution environments utilizing generative AI, new AI-related technologies are prone to becoming security vulnerabilities.

Countermeasures : Ensure Terrarium is running the latest version or has all patches applied. When using the sandbox, adhere to the principle of least privilege and implement network isolation. Limit the execution of AI-generated code to trusted environments and perform regular vulnerability scans.

Japanese companies urgently need to improve visibility across their entire supply chain and conduct thorough risk assessments when introducing new AI/open-source related technologies. The threats in question are all classic examples of attacks disguised as "trustworthy" sources. We recommend regularly checking reliable security media such as CISA, Cisco Security Advisory, and The Hacker News as sources of information, and taking swift action in cooperation with your internal security team and vendors.

(This article is based on publicly available information as of late April 2026. Applying the latest patch should be your top priority.)

sauce

1. Axios npm package supply chain attack (involving North Korean actors)

Supply Chain Compromise Impacts Axios Node Package Manager

2. Fake browser extensions disguised as AI assistants

Malicious AI Assistant Extensions Harvest LLM Chat Histories

3. Cisco IMC Authentication Bypass Vulnerability (CVE-2026-20093)

Cisco Integrated Management Controller Authentication Bypass Vulnerability

4. Sandbox escape vulnerability in Cohere AI Terrarium Sandbox (CVE-2026-5752)

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

How PIPELINE Co., Ltd. can help you

The four threats discussed here all share the common characteristic of being difficult to detect and defend against using traditional "perimeter defenses" alone. In particular, attacks are targeting "invisible areas" such as supply chains, AI environments, and publicly accessible assets, increasing the risk that companies are unaware of.

PIPELINE Co., Ltd. can provide the following support for these less visible risks:

1. Visualization and risk detection of publicly available assets

• Based on our company's domain and related assets, we comprehensively understand our IT assets visible on the internet.

• Identifying unintentionally exposed administration panels and vulnerable services.

• Identifying risks from the attacker's perspective

👉 Also supports the detection of "externally accessible management interfaces" such as Cisco IMC.

2. Continuous monitoring of supply chain risks

• Detecting risks originating from OSS and external services from an external perspective.

• Early detection of suspicious communication destinations and signs of malware behavior.

• Strengthening "entry point measures," including the development environment.

👉 Even in cases of malware infection via npm or GitHub, detection is supplemented by abnormal communication and behavior.

3. Detection of abnormal behavior and early identification of incidents

• Detects unusual changes in communication or access.

• Risk monitoring based on behavior "after intrusion"

• Supporting initial response before damage escalates.

👉 Effective as a countermeasure against backdoors that exploit legitimate tools and attacks that evade detection.

4. Visualizing risks when introducing new technologies (including AI and cloud computing)

• Check the external exposure status of the AI environment and development environment.

• Risk assessment of sandbox and testing environments

• Identifying any "oversights" in newly introduced technologies

👉 Supporting risk assessment in "presumably safe environments" like Cohere Terrarium.

Key points this time

To summarize these four threats, the following three points are crucial:

• "Things you trust" become attack vectors.

• What matters is "how it looks from the outside," not how it looks from within the company.

• Surveillance that assumes intrusion is necessary.

In other words,

We are now in an era where "finding" is the prerequisite, rather than simply "protecting."

At PIPELINE, we support companies in strengthening their security systems by providing external risk visualization and continuous monitoring to address these changes.

✦ Finally

Thank you for reading this far.

We at PIPELINE Corporation are a group of experts specializing in cybersecurity and threat intelligence.

We face threats together with our customers on-site every day.

"Even if we have a specialized team within the company, we lack the resources," "We don't know where to start," and "We want to prepare realistically, assuming we will be attacked."

We receive many inquiries like this. Regardless of the size of the company, the current situation is that weak points in defense are easily targeted.

Furthermore, trying to handle everything internally inevitably makes it easier for things to be overlooked.

That's why we focus on practical methods that are useful in the field, rather than idealistic theories, and propose a small-scale, easy-to-implement approach. Even "a small step within your capabilities" can make a big difference in safety.

If you have any concerns at all, please feel free to contact us. Let's work together to find the quickest way to strengthen your security.