Security news.
Today's security landscape highlights critical vulnerabilities and sophisticated attack campaigns. CISA has flagged an actively exploited Wing FTP vulnerability, while a new GlassWorm attack leverages stolen GitHub tokens to inject malware into Python repositories. Additionally, a major cyberattack on medical tech giant Stryker resulted in the wiping of tens of thousands of devices.
CISA Flags Actively Exploited Wing FTP Vulnerability
CISA added CVE-2025-47813, a medium-severity information disclosure flaw in Wing FTP, to its KEV catalog due to active exploitation.
GlassWorm Attack Injects Malware into Python Repos via Stolen GitHub Tokens
The GlassWorm campaign is actively exploiting stolen GitHub tokens to force-push obfuscated malware into hundreds of Python projects, including Django apps and PyPI packages.
Stryker Attack Wiped Tens of Thousands of Devices Without Malware
A recent cyberattack on medical technology giant Stryker was limited to its internal Microsoft environment and remotely wiped tens of thousands of employee devices.
UK’s Companies House Confirms Security Flaw Exposed Business Data
The British government agency Companies House confirmed a security flaw in its WebFiling service exposed company information since October 2025, now resolved.
ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers
Multiple ClickFix campaigns are delivering the MacSync macOS information stealer by tricking users into copying and executing commands, rather than exploiting vulnerabilities.
Threat Actor Targeting VPN Users in New Credential Theft Campaign
Storm-2561 is distributing fake VPN clients through SEO poisoning to deploy trojans and steal login credentials from unsuspecting users.
China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation
State-sponsored hackers from China have been observed deploying custom tools and maintaining dormant presence in compromised Asian military networks for months.
Microsoft Patch Tuesday, March 2026 Edition
Microsoft released security updates addressing 77 vulnerabilities in Windows and other software, with no zero-day flaws reported this month.