Collaborate Disseminate
TeamPCP continues is supply chain compromise rampage, with telnyx on PyPI being the latest maliciously modified package. What happened? Telnyx is a widely used software development kit (SDK) for the Telnyx AI Voice Agent service. According to Endor Lab… Continue reading TeamPCP strikes again: Backdoored Telnyx PyPI package delivers malware
The US Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2026-33017, a recently disclosed code injection vulnerability in Langflow, an open-source framework for… Continue reading CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation
Telecommunications providers around the world have been dealing with the burrowing efforts of the China-linked APTs for many years now. To help them identify hard-to-detect implants used by the China-based group dubbed Red Menshen, Rapid7 researchers h… Continue reading Researchers release tool to detect stealthy BPFDoor implants in critical infrastructure networks
A slew of supply chain attacks against popular open source tools and packages appears to have been orchestrated by TeamPCP, a cybercriminal group that rose to prominence in late 2025. The latest victim of the group is BerryAI’s popular LiteLLM li… Continue reading LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks
Citrix has fixed two vulnerabilities in NetScaler ADC and NetScaler Gateway, with the more serious flaw (CVE-2026-3055) potentially allowing attackers to extract active session tokens from the memory of affected devices. Anil Shetty, senior VP of Engin… Continue reading Critical NetScaler ADC, Gateway flaw may soon be exploited (CVE-2026-3055)
A large-scale malware delivery campaign has been targeting developers, gamers, and general users through fake tools hosted on GitHub, Netskope researchers have warned. These “lures” are highly polished and appear legitimate, occasionally mi… Continue reading GitHub-hosted malware campaign uses split payload to evade detection
Oracle has released an out-of-band patch for a critical and easily exploitable vulnerability (CVE-2026-21992) in Oracle Identity Manager and Oracle Web Services Manager. The company did not say whether the vulnerability has been exploited as a zero-day… Continue reading Oracle issues emergency fix for pre-auth RCE in Identity Manager (CVE-2026-21992)
A critical vulnerability (CVE-2026-20131) in Cisco Secure Firewall Management Center (FMC) that Cisco disclosed and patched in early March 2026 has been exploited as a zero-day by the Interlock ransomware gang, Amazon CISO and VP of Security Engineerin… Continue reading Cisco FMC flaw was exploited by Interlock weeks before patch (CVE-2026-20131)
ConnectWise has patched a critical vulnerability (CVE-2026-3564) that could enable attackers to hijack ScreenConnect sessions by abusing ASP.NET machine keys to forge trusted authentication. About CVE-2026-3564 The ScreenConnect remote access platform … Continue reading Unpatched ScreenConnect servers open to attack (CVE-2026-3564)
A powerful iPhone hacking toolkit dubbed “DarkSword” has been used since November 2025 to compromise devices by exploiting zero-day iOS vulnerabilities, Google researchers have shared. iOS vulnerabilities exploited by DarkSword Two weeks ag… Continue reading DarkSword: Researchers uncover another iOS exploit kit