← Latest brief

Security news.

·Morning Brief

Today's security brief highlights critical vulnerabilities and active exploitation, with Fortinet patching an actively exploited flaw in FortiClient EMS and CISA adding another vulnerability to its KEV catalog. Supply chain attacks continue to be a significant concern, as seen with malicious npm packages and the Axios npm hack.

THNEXPLOIT
Apr 5READ

Fortinet Patches Actively Exploited FortiClient EMS Flaw

Fortinet has released out-of-band patches for CVE-2026-35616 (CVSS: 9.1), a critical pre-authentication API access bypass vulnerability in FortiClient EMS that is being actively exploited in the wild.

THNMALWARE
Apr 5READ

36 Malicious npm Packages Exploit Redis, PostgreSQL

Researchers found 36 malicious npm packages disguised as Strapi CMS plugins, designed to exploit Redis and PostgreSQL, deploy reverse shells, harvest credentials, and install persistent implants.

BLEEPINGBREACH
Apr 4READ

Axios npm Hack Used Fake Teams Error Fix to Hijack Account

The maintainers of the Axios HTTP client detailed how a developer was targeted by a social engineering campaign, believed to be by North Korean threat actors, leading to a supply chain compromise.

CISAZERO-DAY
Apr 2READ

CISA Adds TrueConf Zero-Day to KEV Catalog

CISA has added CVE-2026-3502, a TrueConf Client Download of Code Without Integrity Check Vulnerability, to its Known Exploited Vulnerabilities Catalog due to active exploitation.

SECURITYWEEKZERO-DAY
Apr 3READ

TrueConf Zero-Day Exploited in Asian Government Attacks

A Chinese threat actor exploited a zero-day vulnerability in the TrueConf video conferencing platform to conduct reconnaissance, escalate privileges, and execute additional payloads against Asian governments.

SECURITYWEEKSUPPLY CHAIN
Apr 4READ

European Commission Confirms Data Breach from Trivy Supply Chain Attack

The European Commission confirmed a data breach where over 300GB of data, including personal information, was stolen from its AWS environment, linked to a Trivy supply chain attack.

BLEEPINGPHISHING
Apr 4READ

Device Code Phishing Attacks Surge 37x

Device code phishing attacks, which abuse the OAuth 2.0 Device Authorization Grant flow to hijack accounts, have surged more than 37 times this year due to new kits spreading online.

SECURITYWEEKRCE
Apr 3READ

Critical ShareFile Flaws Lead to Unauthenticated RCE

Critical vulnerabilities in ShareFile can be chained to bypass authentication and upload arbitrary files, leading to unauthenticated remote code execution.

Generated twice daily from public security RSS feeds. Informational only.