Security news.
Today's security news highlights a significant supply chain attack impacting multiple AI and developer packages, alongside critical patches from major vendors like Apple and SAP. The increasing role of AI in both offensive and defensive cybersecurity is also a prominent theme, with Google reporting the first AI-generat
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
A new "Mini Shai-Hulud" supply chain campaign by TeamPCP has compromised hundreds of npm and PyPI packages, including those from TanStack, Mistral AI, and UiPath, injecting credential-stealing malware.
West Pharmaceutical Services Hit by Disruptive Ransomware Attack
West Pharmaceutical Services took systems offline globally after a ransomware attack exfiltrated data and deployed file-encrypting malware.
Apple Patches Dozens of Vulnerabilities in macOS, iOS
Apple has released patches for numerous vulnerabilities across macOS and iOS, including a fix, ported to older iOS versions, for a recent deleted-chats recovery issue.
SAP Patches Critical S/4HANA, Commerce Vulnerabilities
SAP has addressed critical vulnerabilities in S/4HANA and Commerce Cloud that could allow attackers to inject malicious code, leading to information disclosure and code execution.
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak
Instructure, the company behind the Canvas learning management system, reached an "agreement" with the ShinyHunters extortion group to prevent the leak of 3.65TB of stolen data.
Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation
Google has identified a zero-day exploit, likely developed with AI, used by a cybercrime group to bypass 2FA in a web administration tool, marking a significant milestone in AI-driven attacks.
cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor
A critical cPanel flaw, CVE-2026-41940, is being actively exploited by a threat actor named Mr_Rot13 to deploy a "Filemanager" backdoor, allowing authentication bypass and elevated control.
'Dirty Frag' Exploit Poised to Blow Up on Enterprise Linux Distros
A new privilege escalation vulnerability in the Linux kernel, dubbed "Dirty Frag," similar to Copy Fail and Dirty Pipe, may already be under limited exploitation.