Security news.
Today's security landscape is dominated by critical infrastructure threats, supply chain compromises, and active zero-day exploitation. A major breach at Vercel, vulnerabilities in serial-to-IP devices affecting OT/healthcare systems, and multiple unpatched Microsoft Defender zero-days are actively being exploited, while CISA warns of a compromised Axios npm package affecting JavaScript developers globally.
CISA: Axios npm Package Supply Chain Compromise
Two versions of the widely-used Axios HTTP client ([email protected] and [email protected]) were compromised, affecting JavaScript developers across Node.js and browser environments.
SGLang CVE-2026-5760: Critical RCE via Malicious GGUF Files
A CVSS 9.8 command injection vulnerability in SGLang enables remote code execution through specially crafted model files.
Serial-to-IP Converter Flaws Expose OT and Healthcare Systems
Forescout researchers discovered 20 new vulnerabilities in Lantronix and Silex products used in operational technology and healthcare environments, with thousands of additional legacy bugs identified.
Anthropic MCP Design Flaw Enables RCE, Threatens AI Supply Chain
A critical "by design" weakness in the Model Context Protocol architecture allows arbitrary command execution on vulnerable MCP implementations, with cascading effects across the AI supply chain.
Vercel Breach: Next.js Creator Compromised via Third-Party AI Tool
Cloud development platform Vercel suffered a breach after attackers compromised Context.ai, a third-party AI tool used by an employee, gaining access to internal systems and limited customer credentials.
ZionSiphon Malware Targets Israeli Water and Desalination Systems
A new malware specifically designed for Israeli water treatment and desalination OT systems establishes persistence, tampers with configurations, and scans for operational technology services.
Seiko USA Website Defaced; Attacker Claims Shopify Database Theft
The Seiko USA website was defaced with attackers claiming to have stolen the Shopify customer database and threatening to leak it unless ransom is paid.
Microsoft Teams Increasingly Abused in Helpdesk Impersonation Attacks
Threat actors are leveraging external Microsoft Teams collaboration to impersonate helpdesk staff and gain initial access and lateral movement on enterprise networks.