Cybersecurity News & Analysis
github defconxt • © 2026 • blacktemple.net

Vulnerabilities & Exploits

high | Vulnerabilities & Exploits

Supply Chain Attacks and Malware Campaigns Dominate Weekly Threat Landscape

The TeamPCP supply chain campaign continues expanding with confirmed victims while threat actors leverage WhatsApp, fake installers, and phishing to deploy malware ranging from cryptocurrency miners to banking trojans. Multiple CVE disclosures affecting various open source components require attention.

Apr 2, 2026 | The Hacker News, SANS ISC, MSRC Security Updates
supply-chain, malware, phishing
🇺🇸 Meta Platforms
high | Vulnerabilities & Exploits

Zero-Day Exploitation Surges: TrueConf Attack, North Korean Supply Chain Hit, and Living-Off-The-Land Tactics

Attackers are exploiting zero-day vulnerabilities in TrueConf video conferencing software targeting Southeast Asian governments and compromising the popular Axios npm package through North Korean threat actors. Meanwhile, cybercriminals are shifting tactics to abuse legitimate administrative tools already present in enterprise environments.

Apr 1, 2026 | The Hacker News, Microsoft Security, SANS ISC, MSRC Security Updates
zero-day, supply-chain, living-off-the-land
🏴 Anonymous
🇺🇸 Google, 🇺🇸 Meta Platforms
critical | Vulnerabilities & Exploits

Supply Chain Strikes and AI Vulnerabilities: Critical Axios Attack Highlights Week of Diverse Threats

A critical supply chain attack compromised the popular Axios HTTP client library through malicious npm packages, while OpenAI addressed ChatGPT data exfiltration flaws and Microsoft published numerous CVE advisories covering Chromium, libssh, and other components.

Mar 31, 2026 | The Hacker News, Microsoft Security, Qualys, SANS ISC, MSRC Security Updates
supply-chain-attacks, npm-packages, malware
high | Vulnerabilities & Exploits

Vulnerability Intelligence Roundup: State-Sponsored Campaigns, Russian Toolkits, and the Secrets Sprawl Crisis

The secrets sprawl crisis intensified in 2025 with 29 million new hardcoded credentials discovered on GitHub, representing a 34% year-over-year increase. Meanwhile, Russian and Chinese threat actors continue sophisticated campaigns against government targets using custom toolkits and multi-stage malware deployments.

Mar 30, 2026 | The Hacker News, SANS ISC
secrets-sprawl, state-sponsored, russian-toolkit
high | Vulnerabilities & Exploits

FBI Director's Email Compromised by Iranian Hackers as Microsoft Patches DNS Security Flaws

The Handala Hack Team successfully compromised FBI Director Kash Patel's personal email and leaked documents online. Meanwhile, Microsoft released patches for seven CVEs including critical DNS security flaws that could enable memory leaks and denial-of-service attacks.

Mar 29, 2026 | The Hacker News, MSRC Security Updates
iran-apt, fbi-breach, dns-vulnerabilities
critical | Vulnerabilities & Exploits

CISA KEV Additions, TeamPCP Supply Chain Attacks, and Critical Infrastructure Under Fire

CISA confirmed active exploitation of a critical F5 BIG-IP vulnerability, while Citrix NetScaler faces reconnaissance for a CVSS 9.3 flaw. TeamPCP threat actors have expanded their supply chain campaign to target PyPI packages.

Mar 28, 2026 | The Hacker News, Microsoft Security, SANS ISC, MSRC Security Updates
cve, cisa-kev, supply-chain
🇷🇺 Star Blizzard
🇺🇸 Apple
critical | Vulnerabilities & Exploits

Vulnerability Roundup: TeamPCP Supply Chain Campaign Widens, AI Framework Flaws, and State-Sponsored Activity

A supply chain attack targeting security scanners has expanded beyond initial reports and been added to CISA's Known Exploited Vulnerabilities catalog. Meanwhile, critical vulnerabilities in popular AI frameworks LangChain and LangGraph could expose sensitive data, and state-sponsored groups continue targeted espionage campaigns.

Mar 27, 2026 | The Hacker News, SANS ISC, MSRC Security Updates
supply-chain, ransomware, ai-security
high | Vulnerabilities & Exploits

Weekly Vulnerability Roundup: iOS Exploit Kit Reuses Triangulation Code, WebRTC Skimmer Bypasses CSP, Apple Patches 85 Flaws

Security researchers linked the Coruna iOS exploit kit to the 2023 Operation Triangulation campaign and discovered a WebRTC-based payment skimmer that bypasses Content Security Policy controls. Apple released patches for 85 vulnerabilities across all platforms with no active exploitation reported.

Mar 26, 2026 | The Hacker News, SANS ISC, MSRC Security Updates
ios-exploits, web-skimmers, apple-patches
🇺🇸 Google, 🇺🇸 Apple
critical | Vulnerabilities & Exploits

TeamPCP Supply Chain Attacks Escalate with LiteLLM Compromise, Tax Season Malvertising Campaign Targets EDR

Supply chain threat actor TeamPCP has compromised the popular Python package LiteLLM with credential-stealing backdoors, while a sophisticated malvertising campaign exploits tax season searches to deploy EDR-bypassing malware. Microsoft released comprehensive guidance for detecting and defending against the ongoing Trivy supply chain compromise.

Mar 25, 2026 | The Hacker News, Microsoft Security, Qualys, SANS ISC, MSRC Security Updates
supply-chain, malvertising, edr-bypass
🇺🇸 Google, 🇨🇳 Huawei
critical | Vulnerabilities & Exploits

Critical NetScaler Flaw, Supply Chain Attacks, and North Korean VS Code Exploitation

Citrix patched a critical NetScaler flaw enabling unauthenticated data access, while TeamPCP compromised more GitHub Actions and North Korean actors developed new VS Code malware distribution methods.

Mar 24, 2026 | The Hacker News, Microsoft Security, Qualys, SANS ISC, MSRC Security Updates
netscaler, supply-chain, north-korea
🇨🇳 Winnti
critical | Vulnerabilities & Exploits

CISA Adds Maximum Severity Cisco Vulnerability to KEV Catalog Amid Ransomware Exploitation

CISA has added CVE-2026-20131 to its Known Exploited Vulnerabilities catalog after confirming its use in active ransomware campaigns. Federal agencies must patch this maximum severity Cisco flaw under binding operational directive requirements.

Mar 23, 2026 | Infosecurity Magazine
cisa-kev, cisco, ransomware
critical | Vulnerabilities & Exploits

Critical CVSS 10.0 Quest KACE Exploit, IRS Phishing Campaign, and Supply Chain Attacks Dominate Threat Landscape

Arctic Wolf reports active exploitation of CVE-2025-32975 (CVSS 10.0) in Quest KACE systems, while Microsoft warns of tax season phishing campaigns affecting 29,000 users and deploying RMM malware. A supply chain attack on Trivy has spread infostealer malware through compromised Docker images.

Mar 23, 2026 | The Hacker News, Qualys, SANS ISC, MSRC Security Updates
quest-kace, supply-chain-attack, phishing