Security News
Afternoon Brief
Today's threat landscape is dominated by active credential-harvesting campaigns, supply chain attacks, and critical infrastructure vulnerabilities. The FortiBleed campaign continues to expose tens of thousands of device credentials, while multiple WordPress plugins and npm packages have been compromised in coordinated supply chain attacks. Intelligence agencies warn that AI-driven cyber catastrophes are imminent, with threats expected within months rather than years.
- FortiBleed Campaign Harvested 86,000+ Working Credentials from Fortinet Devices — SOCRadar reports the large-scale FortiBleed campaign used custom sniffers to extract authentication secrets from compromised FortiGate firewalls, creating a database of over 86,000 confirmed working credentials targeting government and private sector organizations across nearly 200 countries.
- ShapedPlugin WordPress Pro Plugins Backdoored in Supply Chain Attack — Multiple WordPress plugins from ShapedPlugin were compromised after threat actors tampered with the vendor's build and distribution pipeline, injecting backdoor code into official licensed update channels.
- North Korean Hackers Blamed for Mastra NPM Supply Chain Attack — Microsoft attributed the compromise of over 140 Mastra npm packages to North Korean group Sapphire Sleet (BlueNoroff), with malicious dependencies targeting cryptocurrency extensions.
- Squidbleed: 29-Year-Old Squid Proxy Vulnerability Leaks Cleartext HTTP Requests — A heap over-read in Squid web proxy can leak another user's cleartext HTTP requests including credentials and session tokens to anyone with proxy access; the bug traces to 1997 FTP-parsing code and remains unfixed in default configurations.
- Microsoft Fixes AutoJack Vulnerability Chain in AutoGen Studio — A vulnerability chain in Microsoft's AutoGen Studio could allow attackers to manipulate AI agents into executing arbitrary commands on host systems simply by visiting a malicious webpage.
- DifyTap: Four Vulnerabilities in Dify AI Platform Allow Cross-Tenant Data Exposure — Researchers disclosed four unauthenticated vulnerabilities in Dify (146,000+ GitHub stars) that could allow attackers to read AI conversations from other customers' applications without authentication.
- Top Intelligence Agencies Warn AI-Driven Cyber Catastrophes Are Imminent — An intelligence alliance warns organization leaders that AI-driven breaches will occur, with the timeline measured in months rather than years.
- Gravity SMTP WordPress Plugin Flaw Actively Exploited to Harvest Secrets — Threat actors are exploiting an unauthenticated information disclosure vulnerability in Gravity SMTP (active on 100,000 sites) to leak API keys, secrets, tokens, and server information.