← Latest brief

Security news.

·Afternoon Brief

Today's security landscape is dominated by critical supply chain compromises, major data breaches affecting millions, and unpatched privilege escalation flaws in core Windows and Linux systems. Threat actors continue exploiting legitimate services and development tools while law enforcement scores wins against state-sponsored actors and cybercriminals.

BLEEPINGMALWARE
Apr 27READ

Popular PyPI Package (1.1M Downloads) Compromised to Distribute Infostealer

Attackers pushed a malicious version of the elementary-data package to steal developer credentials and cryptocurrency wallets from a highly-trusted Python repository.

BLEEPINGBREACH
Apr 27READ

ADT Data Breach Exposes 5.5 Million Records

ShinyHunters extortion group stole personal information from home security giant ADT, affecting millions of customers.

BLEEPINGBREACH
Apr 27READ

Medtronic Confirms Breach; 9 Million Records Allegedly Stolen

Medical device giant Medtronic disclosed unauthorized access to corporate IT systems with hackers claiming theft of 9 million records.

DARK READINGPATCH
Apr 27READ

Unpatched 'PhantomRPC' Windows Flaw Enables Privilege Escalation

Researchers discovered five exploit paths stemming from an architectural weakness in Windows RPC's handling of unavailable services, with no patch currently available.

SECURITYWEEKVULN
Apr 27READ

OpenSSH Flaw Allowing Root Access Lurked for 15 Years

A code reuse vulnerability in OpenSSH certificate handling enabled comma characters to be interpreted as list separators, potentially granting full root shell access.

SECURITYWEEKVULN
Apr 27READ

'Pack2TheRoot' Linux Vulnerability Enables Easy Privilege Escalation

A race condition in PackageKit allows unprivileged users to escalate to root when installing packages.

THNMALWARE
Apr 27READ

73 Fake VS Code Extensions Deliver GlassWorm v2 Malware

Researchers identified 73 malicious Visual Studio Code extensions on the Open VSX repository, with six confirmed malicious and others acting as trojanized clones of legitimate tools.

BLEEPING
Apr 27READ

FTC: Americans Lost $2.1 Billion to Social Media Scams in 2025

The Federal Trade Commission reported a massive surge in losses from social media-based fraud schemes since 2020, with 2025 losses exceeding $2.1 billion.

Generated twice daily from public security RSS feeds. Informational only.