Security news.
Today's security news highlights critical supply-chain attacks, including the hijacking of AppsFlyer's Web SDK and a significant escalation in the GlassWorm campaign targeting developers via Open VSX extensions. Additionally, Microsoft released an out-of-band hotpatch for a Windows 11 RCE flaw, and CISA added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog.
AppsFlyer Web SDK Hijacked in Crypto-Stealing Supply-Chain Attack
The AppsFlyer Web SDK was temporarily compromised with malicious JavaScript code designed to steal cryptocurrency in a recent supply-chain attack.
GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions
A new iteration of the GlassWorm campaign is significantly escalating its propagation by abusing extensionPack and extensionDependencies in 72 Open VSX extensions to target developers.
Microsoft Releases Windows 11 OOB Hotpatch for RRAS RCE Flaw
Microsoft has issued an out-of-band update to address a remote code execution (RCE) vulnerability affecting Windows 11 Enterprise devices that receive hotpatch updates.
Critical HPE AOS-CX Vulnerability Allows Admin Password Resets
A critical vulnerability in HPE AOS-CX allows unauthenticated, remote attackers to reset administrator passwords and bypass authentication controls.
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added CVE-2026-3909 (Google Skia Out-of-Bounds Write) and CVE-2026-3910 (Google Chromium V8 Unspecified Vulnerability) to its KEV Catalog due to active exploitation.
OpenClaw AI Agent Flaws Enable Prompt Injection and Data Exfiltration
China's CNCERT has warned about security flaws in the OpenClaw AI agent, citing weak default configurations that could lead to prompt injection and data exfiltration.
FBI Seeks Victims of Steam Games Used to Spread Malware
The FBI is asking for information from gamers who installed eight malicious Steam titles as part of an ongoing investigation into malware distribution via the platform.
Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware
A suspected China-based cyber espionage group, tracked as CL-STA-1087, has been targeting Southeast Asian military organizations since at least 2020 using AppleChris and MemFun malware.