← Latest brief

Security news.

·Afternoon Brief

Today's security landscape highlights critical vulnerabilities and state-sponsored threats. CISA has added a new F5 BIG-IP APM flaw to its KEV catalog due to active exploitation, while Iranian-linked hackers claim a breach of an FBI director's personal email and a wiper attack on Stryker. macOS users are also targeted by a new info-stealing malware.

THNBREACH
Mar 28READ

Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack

Threat actors with ties to Iran, specifically Handala Hack Team, claim to have breached the personal email of FBI Director Kash Patel and launched a wiper attack against medical technology company Stryker.

THNKEV
Mar 28READ

CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation

CISA has added a critical F5 BIG-IP Access Policy Manager (APM) vulnerability, CVE-2025-53521 (CVSS 9.3), to its Known Exploited Vulnerabilities catalog due to active exploitation leading to remote code execution.

THNVULN
Mar 28READ

Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug

A critical memory overread flaw, CVE-2026-3055 (CVSS 9.3), affecting Citrix NetScaler ADC and Gateway is currently experiencing active reconnaissance, potentially allowing sensitive information leakage.

THNPHISHING
Mar 28READ

TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign

The Russian state-sponsored threat group TA446 (Callisto, Seaborgium) is leveraging the DarkSword exploit kit in targeted spear-phishing campaigns against iOS devices.

BLEEPINGMALWARE
Mar 28READ

New Infinity Stealer malware grabs macOS data via ClickFix lures

A new info-stealing malware, Infinity Stealer, is targeting macOS systems through Cloudflare-themed ClickFix lures, delivering a Python payload to steal sensitive data.

THNEXPLOIT
Mar 27READ

Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits

Apple is issuing Lock Screen notifications to users with outdated iOS/iPadOS versions, urging them to update due to active web-based attacks targeting older software.

BLEEPINGMALWARE
Mar 27READ

Backdoored Telnyx PyPI package pushes malware hidden in WAV audio

TeamPCP hackers compromised the Telnyx package on the Python Package Index (PyPI), distributing malicious versions that conceal credential-stealing malware within WAV audio files.

BLEEPINGMALWARE
Mar 27READ

Fake VS Code alerts on GitHub spread malware to developers

A widespread campaign is targeting developers on GitHub with fake Visual Studio Code security alerts in project discussions, tricking them into downloading malware.

Generated twice daily from public security RSS feeds. Informational only.