← Latest brief

Security news.

·Morning Brief

Today's security news highlights active exploitation of critical vulnerabilities in F5 BIG-IP and Fortinet FortiClient EMS, alongside a confirmed data breach at the European Commission. State-sponsored groups continue their cyber campaigns, with a focus on supply chain attacks and the adoption of new exploit kits.

BLEEPINGVULN
Mar 30READ

Hackers Exploiting Critical F5 BIG-IP Flaw

F5 has reclassified a BIG-IP APM denial-of-service vulnerability (CVE-2025-53521) as a critical remote code execution flaw, with attackers actively exploiting it to deploy webshells.

BLEEPINGEXPLOIT
Mar 30READ

Critical Fortinet FortiClient EMS Flaw Exploited

A critical vulnerability in Fortinet's FortiClient EMS platform is now being actively exploited by attackers, according to threat intelligence.

SECURITYWEEKBREACH
Mar 30READ

European Commission Confirms Data Breach

The European Commission has confirmed a cyber intrusion and data theft, with the ShinyHunters hacker group claiming to have stolen over 350GB of information from its cloud systems.

SECURITYWEEKNATION-STATE
Mar 30READ

Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit

The state-sponsored group Star Blizzard has incorporated the DarkSword iOS exploit kit into its campaigns targeting government, higher education, financial, and legal entities.

SECURITYWEEKSUPPLY CHAIN
Mar 30READ

Telnyx Targeted in TeamPCP Supply Chain Attack

Two malicious versions of a popular SDK were uploaded to the PyPI registry, targeting Windows, macOS, and Linux as part of the growing TeamPCP supply chain attack, impacting Telnyx.

THNBREACH
Mar 30READ

Russian CTRL Toolkit Hijacks RDP via FRP Tunnels

A Russian-origin remote access toolkit, "CTRL," is being distributed via malicious LNK files and is capable of credential phishing, keylogging, RDP hijacking, and reverse tunneling.

THN
Mar 30READ

Secrets Sprawl Accelerated in 2025

GitGuardian's "State of Secrets Sprawl 2026" report reveals a 34% increase in hardcoded secrets found in public GitHub in 2025, with 29 million new secrets, marking the largest single-year jump recorded.

BLEEPING
Mar 30READ

Microsoft Pulls Buggy Windows Update KB5079391

Microsoft has withdrawn a non-security preview update for Windows 11, KB5079391, due to installation issues causing 0x80073712 errors.

Generated twice daily from public security RSS feeds. Informational only.