← Latest brief

Security news.

·Morning Brief

Today's security landscape is marked by significant state-sponsored activity, with Iran-linked hackers breaching an FBI director's personal email and deploying wiper attacks. Additionally, CISA has added a critical F5 BIG-IP APM vulnerability to its KEV catalog due to active exploitation, underscoring the ongoing threat from known flaws.

THNBREACH
Mar 28READ

Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack

Threat actors tied to Iran's Handala Hack Team breached the personal email of FBI Director Kash Patel, leaking documents, and also claimed a wiper attack against medical technology firm Stryker.

THNKEV
Mar 28READ

CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation

CISA has added a critical F5 BIG-IP Access Policy Manager (APM) vulnerability, CVE-2025-53521 (CVSS 9.3), to its Known Exploited Vulnerabilities catalog due to evidence of active exploitation that could lead to remote code execution.

THNVULN
Mar 28READ

Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug

A critical memory overread flaw, CVE-2026-3055, affecting Citrix NetScaler ADC and NetScaler Gateway is experiencing active reconnaissance, posing a risk of sensitive information leakage.

THNPHISHING
Mar 28READ

TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign

The Russian state-sponsored group TA446 (Callisto) is leveraging the DarkSword exploit kit in targeted spear-phishing campaigns to compromise iOS devices.

BLEEPINGMALWARE
Mar 28READ

New Infinity Stealer malware grabs macOS data via ClickFix lures

A new info-stealing malware, Infinity Stealer, is targeting macOS users through Cloudflare-themed ClickFix lures, using a Python payload packaged with Nuitka.

BLEEPINGMALWARE
Mar 27READ

Backdoored Telnyx PyPI package pushes malware hidden in WAV audio

TeamPCP hackers compromised the Telnyx package on PyPI, distributing malicious versions that conceal credential-stealing malware within WAV audio files.

THNEXPLOIT
Mar 27READ

Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits

Apple is issuing Lock Screen notifications to users of older iOS/iPadOS versions, urging them to update due to active web-based attacks targeting outdated software.

BLEEPINGMALWARE
Mar 27READ

Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code security alerts in project discussions, tricking them into downloading malware.

Generated twice daily from public security RSS feeds. Informational only.