Security news.

Afternoon Brief

Today's security landscape is dominated by critical vulnerabilities in widely used platforms, active exploitation campaigns, and law enforcement actions against major threat actors. GitHub, Hugging Face, and Windows all face unpatched or newly exploited critical flaws, while supply chain attacks continue to proliferate through developer tools.

THN · RCE · Apr 28

Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Git Push

Authenticated users can achieve remote code execution on GitHub.com and GitHub Enterprise Server with a single "git push" command (CVSS 8.7).

THN · RCE · Apr 28

Critical Unpatched Hugging Face LeRobot RCE Flaw (CVE-2026-25874)

Untrusted data deserialization in the robotics platform allows unauthenticated remote code execution (CVSS 9.3).

CISA · KEV · Apr 28

CISA Adds Two Known Exploited Vulnerabilities to KEV Catalog

CVE-2024-1708 (ConnectWise ScreenConnect path traversal) and CVE-2026-32202 (Windows Shell spoofing) are actively exploited in the wild.

DARK READING · Apr 28

GlassWorm Campaign Returns with 73 OpenVSX "Sleeper" Extensions

Over 70 cloned VS Code extensions in the Open VSX marketplace are designed to distribute self-propagating malware after updates.

BLEEPING · SUPPLY CHAIN · Apr 28

Vimeo Confirms Data Breach via Anodot Supply Chain Attack

Customer and user data was accessed without authorization following the breach of Anodot, a data anomaly detection platform; the ShinyHunters group is demanding a ransom.

BLEEPING · BREACH · Apr 28

Checkmarx Confirms LAPSUS$ Leaked Stolen GitHub Repository Data

The threat group published data from Checkmarx's private GitHub repository obtained via the March 23 supply chain attack.

BLEEPING · POLICY · Apr 28

US Charges Scattered Spider Member Arrested in Finland

A 19-year-old dual US-Estonian citizen faces federal charges for his role in the notorious Scattered Spider hacking collective.

THN · EXPLOIT · Apr 28

Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202

The spoofing vulnerability (CVSS 4.3) is being actively exploited in the wild; patch available via April Patch Tuesday.

Generated twice daily from public security RSS feeds. Informational only.