Collaborate Disseminate
Cisco has fixed ten vulnerabilities affecting its Integrated Management Controller (IMC), the most critical of which (CVE-2026-20093) could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin. Cisco… Continue reading Cisco IMC auth bypass vulnerability allows attackers to alter user passwords (CVE-2026-20093)
CERT-EU confirmed that ShinyHunters are behind the recent breach of the cloud infrastructure underpinning websites of the European Commission, and that they stole and subsequently leaked approximately 340 GB of data. “Analysis of the published da… Continue reading Trivy supply chain attack enabled European Commission cloud breach
After linking the Axios npm supply chain attack to North Korean hackers, Google researchers warned that “hundreds of thousands of stolen secrets could potentially be circulating” as a result of this and the Trivy, KICS, LiteLLM, and Telnyx … Continue reading Software supply chain hacks trigger wave of intrusions, data theft
The software supply chain attack that resulted in the compromise of npm packages of Axios, an extremely popular HTTP client library, is believed to be the work of financially-motivated North Korean attackers. Links to UNC1069 On March 31, 2026, unknown… Continue reading North Korean hackers linked to Axios npm supply chain compromise
Google has fixed 21 vulnerabilities affecting its popular Chrome browser, among them a zero-day (CVE-2026-5281) with an in-the-wild exploit. About CVE-2026-5281 As per usual, information about the fixed zero-day is limited, and there’s no details… Continue reading Google fixes Chrome zero-day with in-the-wild exploit (CVE-2026-5281)
Security researchers report a notable increase in device code phishing activity aimed at Microsoft 365 users, and have attributed this rise to the availability of EvilTokens, a new, specialized phishing toolkit that’s being offered as-a-service v… Continue reading EvilTokens ramps up device code phishing targeting Microsoft 365 users
An unknown attacker has compromised the GitHub and npm accounts of the main developer of Axios, a widely used HTTP client library, and published npm packages backdoored with a malicious dependency that triggered the installation of droppers and remote … Continue reading Axios npm packages backdoored in supply chain attack
TeamPCP’s destructive run of supply chain breaches has stopped, for now: it has been three days since the group published malicious versions of Telnyx’s SDK on PyPI, and there haven’t been reports of new open-source project compromises. Par… Continue reading TeamPCP’s attack spree slows, but threat escalates with ransomware pivot
A critical SQL injection vulnerability (CVE-2026-21643) in Fortinet FortiClient Endpoint Management Server (EMS), a management server for FortiClient endpoint agents on various platforms, is under active exploitation. The warning comes from Defused Cyb… Continue reading Critical Fortinet FortiClient EMS bug under active attack (CVE-2026-21643)
A critical unauthenticated remote code execution vulnerability (CVE-2025-53521) in F5’s BIG-IP Access Policy Manager (APM) solution is under active exploitation, the US Cybersecurity and Infrastructure Security Agency warned on Friday. CISA added… Continue reading Attackers are exploiting RCE vulnerability in BIG-IP APM systems (CVE-2025-53521)