← Latest brief

Security news.

·Morning Brief

Today's security news is dominated by critical supply chain attacks and state-sponsored phishing campaigns. The Trivy vulnerability scanner was compromised, leading to the distribution of infostealing malware and a self-propagating worm across numerous npm packages. Additionally, CISA and the FBI have warned about Russian intelligence services targeting commercial messaging apps with sophisticated phishing attacks.

BLEEPINGBREACH
Mar 21READ

Trivy Vulnerability Scanner Breach Pushed Infostealer

The Trivy vulnerability scanner suffered a supply-chain attack by TeamPCP, distributing credential-stealing malware through official releases and GitHub Actions.

THNSUPPLY CHAIN
Mar 21READ

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm

The Trivy supply chain attack is suspected to have led to the compromise of 47 npm packages with a new self-propagating worm dubbed CanisterWorm.

PHISHING
READ

FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks

Russian Intelligence Services are conducting phishing campaigns to compromise Signal and WhatsApp accounts of individuals with high intelligence value, as warned by CISA and the FBI.

SECURITYWEEKEXPLOIT
Mar 21READ

Critical Quest KACE Vulnerability Potentially Exploited

A critical vulnerability, CVE-2025-32975, in Quest KACE is potentially being exploited in attacks, particularly against the education sector.

PATCH
READ

Oracle Patches Critical CVE-2026-21992 in Identity Manager

Oracle has released an emergency patch for CVE-2026-21992, a critical unauthenticated remote code execution flaw in Identity Manager and Web Services Manager.

KEV
READ

CISA Flags Apple, Craft CMS, Laravel Bugs in KEV

CISA added five new vulnerabilities, including flaws in Apple, Craft CMS, and Laravel Livewire, to its Known Exploited Vulnerabilities catalog, requiring federal agencies to patch by April 3, 2026.

BLEEPINGPHISHING
Mar 21READ

Azure Monitor Alerts Abused for Callback Phishing

Threat actors are abusing Microsoft Azure Monitor alerts to send callback phishing emails impersonating Microsoft Security Team warnings about unauthorized charges.

BLEEPING
Mar 21READ

Google Adds ‘Advanced Flow’ for Safe APK Sideloading on Android

Google introduced "Advanced Flow" in Android to provide a more secure method for power users to sideload APKs from unverified developers.

Generated twice daily from public security RSS feeds. Informational only.