← Latest brief

Security news.

·Morning Brief

Today's security landscape highlights critical vulnerabilities and sophisticated attack campaigns. CISA has flagged an actively exploited Wing FTP vulnerability, while a new GlassWorm attack leverages stolen GitHub tokens to inject malware into Python repositories. Additionally, a major cyberattack on medical tech giant Stryker resulted in the wiping of tens of thousands of devices.

THNEXPLOIT
Mar 17READ

CISA Flags Actively Exploited Wing FTP Vulnerability

CISA added CVE-2025-47813, a medium-severity information disclosure flaw in Wing FTP, to its KEV catalog due to active exploitation.

THNBREACH
Mar 16READ

GlassWorm Attack Injects Malware into Python Repos via Stolen GitHub Tokens

The GlassWorm campaign is actively exploiting stolen GitHub tokens to force-push obfuscated malware into hundreds of Python projects, including Django apps and PyPI packages.

BLEEPINGMALWARE
Mar 16READ

Stryker Attack Wiped Tens of Thousands of Devices Without Malware

A recent cyberattack on medical technology giant Stryker was limited to its internal Microsoft environment and remotely wiped tens of thousands of employee devices.

BLEEPINGVULN
Mar 16READ

UK’s Companies House Confirms Security Flaw Exposed Business Data

The British government agency Companies House confirmed a security flaw in its WebFiling service exposed company information since October 2025, now resolved.

THNMALWARE
Mar 16READ

ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

Multiple ClickFix campaigns are delivering the MacSync macOS information stealer by tricking users into copying and executing commands, rather than exploiting vulnerabilities.

SECURITYWEEKBREACH
Mar 16READ

Threat Actor Targeting VPN Users in New Credential Theft Campaign

Storm-2561 is distributing fake VPN clients through SEO poisoning to deploy trojans and steal login credentials from unsuspecting users.

SECURITYWEEKNATION-STATE
Mar 16READ

China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation

State-sponsored hackers from China have been observed deploying custom tools and maintaining dormant presence in compromised Asian military networks for months.

KREBSPATCH
Mar 11READ

Microsoft Patch Tuesday, March 2026 Edition

Microsoft released security updates addressing 77 vulnerabilities in Windows and other software, with no zero-day flaws reported this month.

Generated twice daily from public security RSS feeds. Informational only.