Security news.
Today's security brief highlights critical supply-chain attacks, significant data breaches, and important vulnerability disclosures. Developers and IT teams should pay close attention to updates for widely used SDKs and open-source tools, as well as new advisories for enterprise hardware and software.
AppsFlyer Web SDK Hijacked to Spread Crypto-Stealing JavaScript
The AppsFlyer Web SDK was temporarily compromised in a supply-chain attack, injecting malicious code to steal cryptocurrency.
GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions
A new GlassWorm campaign is escalating by abusing `extensionPack` and `extensionDependencies` in 72 Open VSX extensions to propagate malicious code.
Loblaw Data Breach Impacts Customer Information
Hackers accessed personal information including names, email addresses, and phone numbers in a data breach affecting Loblaw customers.
Microsoft Releases Windows 11 OOB Hotpatch for RRAS RCE Flaw
Microsoft issued an out-of-band update to fix a critical Remote Code Execution (RCE) vulnerability affecting Windows 11 Enterprise devices using hotpatch updates.
OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration
China's CNCERT warned about security flaws in the OpenClaw (formerly Clawdbot and Moltbot) open-source AI agent, citing weak default security configurations.
Critical HPE AOS-CX Vulnerability Allows Admin Password Resets
A critical vulnerability in HPE AOS-CX can be exploited remotely and without authentication to reset administrator passwords and bypass authentication controls.
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA added CVE-2026-3909 (Google Skia Out-of-Bounds Write) and CVE-2026-3910 (Google Chromium V8 Unspecified Vulnerability) to its KEV Catalog, urging immediate remediation.
Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker
A hacktivist group linked to Iranian intelligence agencies claimed responsibility for a data-wiping attack against global medical technology company Stryker.