← Latest brief

Security news.

·Afternoon Brief

Today's security landscape highlights a surge in supply chain attacks and sophisticated malware campaigns. Threat actors are leveraging novel techniques, including post-quantum encryption and legitimate APIs, while critical vulnerabilities in widely used software and industrial control systems demand immediate attention.

THNSUPPLY CHAIN
Apr 22READ

Self-Propagating Supply Chain Worm Hijacks npm Packages

A new supply chain worm, dubbed CanisterSprawl, is compromising npm packages to steal developer tokens and spread through compromised accounts.

THNSUPPLY CHAIN
Apr 22READ

Malicious KICS Docker Images and VS Code Extensions Target Checkmarx Supply Chain

Threat actors pushed malicious images to the official "checkmarx/kics" Docker Hub repository, overwriting existing tags and introducing new, unofficial releases.

BLEEPINGRANSOMWARE
Apr 22READ

Kyber Ransomware Gang Uses Post-Quantum Encryption

A new Kyber ransomware operation is targeting Windows systems and VMware ESXi endpoints, with one variant implementing Kyber1024 post-quantum encryption.

THNPATCH
Apr 22READ

Microsoft Patches Critical ASP.NET Core Privilege Escalation Bug

Microsoft released out-of-band updates for CVE-2026-40372, a critical (CVSS 9.1) privilege escalation vulnerability in ASP.NET Core.

THNVULN
Apr 22READ

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution

A critical vulnerability (CVE-2026-5752, CVSS 9.3) in the Python-based Terrarium sandbox allows arbitrary code execution with root privileges and container escape.

THNMALWARE
Apr 22READ

Harvester Deploys Linux GoGra Backdoor Using Microsoft Graph API

The Harvester threat actor is using a new Linux version of its GoGra backdoor, leveraging the legitimate Microsoft Graph API and Outlook mailboxes for covert C2 communications.

SECURITYWEEKMALWARE
Apr 22READ

New Wiper Malware Targeted Venezuelan Energy Sector

Dubbed Lotus Wiper, this previously undocumented malware was used in destructive attacks against Venezuela's energy and utilities sector, targeting recovery mechanisms and overwriting drives.

BLEEPING
Apr 22READ

Over 1,300 Microsoft SharePoint Servers Vulnerable to Spoofing

More than 1,300 Microsoft SharePoint servers remain unpatched against a spoofing vulnerability that was exploited as a zero-day and is still being actively abused.

Generated twice daily from public security RSS feeds. Informational only.