Phoenix Security

• Entity ID: ent-20260419-18fab0493cad
• Type: organization
• Scope: shared
• Status: active
• Aliases: Phoenix Security ASPM, Phoenix Purple

Description

AppSec firm run by Francesco Cipollone. Used their Phoenix Purple pipeline to narrow 100 hypotheses -> 8 vulnerabilities -> 3 confirmed exploits (CVE-2026-35020/35021/35022) against Claude Code CLI.

Key claims

• none yet

Relations

• Phoenix Security --[caused]--> Execa Command Injection (VULN-01/02/03)
• Phoenix Security --[owns]--> Phoenix Security Kill Chain

Sources

src-20260419-cfed81b8d6a5