Security news.
Today's security brief highlights critical vulnerabilities and active exploitation, with CISA ordering federal agencies to patch a Windows zero-day and adding two more flaws to its KEV catalog. GitHub also addressed a severe RCE flaw affecting millions of private repositories, while a critical SQL injection in LiteLLM is being actively exploited.
CISA orders feds to patch Windows flaw exploited as zero-day
CISA has mandated federal agencies patch a Windows vulnerability actively exploited in zero-day attacks.
LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure
A critical SQL injection vulnerability (CVE-2026-42208) in BerriAI's LiteLLM Python package is under active exploitation just 36 hours after disclosure.
GitHub fixes RCE flaw that gave access to millions of private repos
GitHub patched a critical remote code execution vulnerability (CVE-2026-3854) that could have allowed attackers to access millions of private repositories.
Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately
cPanel released security updates to address a critical authentication vulnerability affecting all supported versions, urging immediate updates.
Checkmarx Confirms Data Stolen in Supply Chain Attack
Checkmarx confirmed that data was exfiltrated from its GitHub environment on March 30, following a supply chain attack.
Lotus Wiper Attack Targeted Venezuelan Energy Firms, Utilities
A new analysis reveals the Lotus Wiper malware used sophisticated living-off-the-land techniques for widespread data deletion against Venezuelan energy firms.
Hundreds of Internet-Facing VNC Servers Expose ICS/OT
Forescout identified tens of thousands of exposed RDP and VNC servers, with hundreds directly exposing Industrial Control Systems/Operational Technology environments.
Chrome 147, Firefox 150 Security Updates Rolling Out
Google Chrome 147 and Firefox 150 are rolling out with security updates addressing critical and high-severity vulnerabilities.