Security News · Afternoon Brief
Today's security landscape highlights significant supply chain attacks and persistent exploitation of critical vulnerabilities. Over 400 Arch Linux AUR packages were hijacked to distribute a credential stealer and rootkit, while CISA issued urgent directives for federal agencies to patch actively exploited flaws in Ivanti Sentry and Oracle PeopleSoft.
- 400+ Arch Linux AUR Packages Hijacked to Install Rust Credential Stealer — Attackers compromised over 400 packages in the Arch User Repository (AUR), modifying build scripts to install a Rust-based credential stealer and an eBPF rootkit on affected systems.
- CISA orders feds to patch actively exploited Ivanti flaw by Sunday — CISA has mandated federal agencies patch an actively exploited Ivanti Sentry OS Command Injection vulnerability (CVE-2026-10520) within three days, following its addition to the KEV Catalog.
- Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters — Google confirmed the ShinyHunters group exploited an Oracle PeopleSoft vulnerability (CVE-2026-35273) as a zero-day to breach university systems, leading to CISA adding it to the KEV Catalog.
- China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade — A China-nexus group, tracked as Velvet Ant, backdoored Linux PAM and OpenSSH components for almost a decade, planting persistent access within the login system itself.
- phpBB forum fixes auth bypass bug lurking for a decade — A 10-year-old authentication bypass vulnerability in phpBB forum software, which allowed attackers to log in as any user, including administrators, has been patched.
- Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing — Google is taking legal action against a Chinese cybercrime network for allegedly using its Gemini AI agent to send phishing text messages and operating the "Outsider" PhaaS kit.
- Over 73,000 French govt employees affected in Tchap messenger breach — A recent breach of the French government's Tchap encrypted messaging platform has impacted over 73,000 public sector employee accounts.
- Maine disables data breach notification portal after fake disclosures — Maine has temporarily shut down its public data breach reporting portal after fraudulent disclosures were published, prompting a review of security procedures.