Security news.

Afternoon Brief

Today's security news highlights a significant focus on supply chain attacks and the evolving tactics of state-backed threat actors. Multiple reports detail compromises of developer tools and cloud services, alongside warnings about sophisticated espionage campaigns from China-linked groups.

BLEEPING · BREACH · Apr 23

Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm, containing a credential-stealing payload.

BLEEPING · SUPPLY CHAIN · Apr 23

New Checkmarx supply-chain breach affects KICS analysis tool

Hackers compromised Docker images, VSCode, and Open VSX extensions for the Checkmarx KICS analysis tool to harvest sensitive data from developer environments.

CISA · KEV · Apr 23

CISA Adds One Known Exploited Vulnerability to Catalog

CISA added CVE-2026-39987, a Marimo Remote Code Execution Vulnerability, to its KEV Catalog based on evidence of active exploitation.

DARK READING · NATION-STATE · Apr 24

Chinese APT Abuses Multiple Cloud Tools to Spy on Mongolia

A Chinese APT group, GopherWhisper, is abusing legitimate cloud services like Microsoft Outlook, Slack, Discord, and file.io for command and control in espionage against Mongolian government entities.

BLEEPING · Apr 23

UK warns of Chinese hackers using proxy networks to evade detection

The NCSC-UK and international partners issued a warning about China-nexus hackers increasingly using large-scale proxy networks of hijacked consumer devices to evade detection.

BLEEPING · RANSOMWARE · Apr 23

Trigona ransomware attacks use custom exfiltration tool to steal data

Recent Trigona ransomware campaigns are employing a custom, command-line tool for faster and more efficient data exfiltration from compromised environments.

THN · MALWARE · Apr 23

UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware

A new threat cluster, UNC6692, is using social engineering via Microsoft Teams, impersonating IT helpdesk staff to deploy custom malware on victim hosts.

BLEEPING · PATCH · Apr 22

Apple fixes bug that let the FBI recover deleted Signal messages

Apple released out-of-band security updates for iOS/iPadOS (CVE-2026-28950) to fix a Notification Services flaw that could retain notifications marked for deletion on the device.

Generated twice daily from public security RSS feeds. Informational only.