
163 matches found

Malwarebytes
added 2026/05/27 11:41 a.m. | 9 views

Kali365 phishing kit bypasses MFA and steals Microsoft logins

When the Federal Bureau of Investigation (FBI) publishes a dedicated public service announcement about a new phishing kit, it’s worth paying attention to. The agency is now warning about “Kali365,” a phishing‑as‑a‑service (PhaaS) platform that helps even low‑skilled attackers hijack Microsoft 365...

AI score: 5.9 | Exploits: 0

AstraLinux
added 2026/05/20 5:53 a.m. | 3 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dmaengine: tegra: Fixed a memory leak in terminateall. When terminating an ongoing transfer, the vdesc must be terminated as well. This ensures that the vdesc is present in the descterminated list. The descriptor will be freed...

CVSS: 5.5 | AI score: 6.1 | EPSS: 0.00016
Exploits: 0 | References: 2

Snyk
added 2026/05/11 9:0 p.m. | 6 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

CVSS: 9.8 | AI score: 6 | EPSS: 0.17051
Exploits: 3 | References: 2

Snyk
added 2026/05/11 9:0 p.m. | 6 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

CVSS: 9.8 | AI score: 6 | EPSS: 0.17051
Exploits: 3 | References: 2

Snyk
added 2026/05/11 9:0 p.m. | 9 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

CVSS: 9.8 | AI score: 6 | EPSS: 0.17051
Exploits: 3 | References: 2

The Hacker News
added 2026/04/27 2:19 p.m. | 4 views

Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack

Checkmarx has disclosed that its ongoing investigation tied to the supply chain security incident has revealed that a cybercriminal group published data related to the company on the dark web. "Based on current evidence, we believe this data originated from Checkmarx's GitHub repository, and that...

AI score: 5.9 | Exploits: 0

CVE
added 2026/04/08 5:4 p.m. | 5 views

CVE-2026-32589

CVE-2026-32589 concerns Red Hat Quay, where an authenticated user with push access to any repository can interfere with in-progress image uploads of other users due to an insecure direct object reference in the blobupload process. The issue enables reading, modification, or cancellation of anothe...

CVSS: 7.4 | AI score: 5.9 | EPSS: 0.00052
Exploits: 0 | References: 8 | Affected Software: 2

Fedora
added 2026/04/08 12:54 a.m. | 9 views

[SECURITY] Fedora 43 Update: pspp-2.1.1-5.fc43

PSPP is a program for statistical analysis of sampled data. It interprets commands in the SPSS language and produces tabular output in ASCII, PostScript, or HTML format. PSPP development is ongoing. It already supports a large subset of SPSS's transformation language. Its statistical procedure...

CVSS: 9.8 | AI score: 6.1 | EPSS: 0.0023
Exploits: 5

HackRead
added 2026/03/28 6:18 p.m. | 2 views

ShinyHunters Claims 350GB Data Breach at European Commission

ShinyHunters claims it breached European Commission systems, leaking 350GB of data. Officials are investigating, with no independent verification yet...

AI score: 5.8 | Exploits: 0

Wordfence Blog
added 2026/03/19 4:12 p.m. | 17 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 9, 2026 to March 15, 2026)

Last week, there were 116 vulnerabilities disclosed in 78 WordPress Plugins and 19 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 66 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities...

CVSS: 9.8 | AI score: 7 | EPSS: 0.27276
Exploits: 10

HackRead
added 2026/03/03 1:2 p.m. | 2 views

Project Compass Targets 764 Network as 30 Arrested and Victims Rescued

Europol’s Project Compass targets The Com aka 764 network, an online group exploiting minors. After 30 arrests, officials say the hunt for those involved is far from over...

AI score: 5.9 | Exploits: 0

RustSec
added 2026/02/24 12:0 p.m. | 2 views

`tracing-check` was removed from crates.io for malicious code

This is part of an ongoing campaign to attempt to typosquat crates in the polymarket-client-sdk ecosystem to exfiltrate user credentials. The malicious crate had 1 version published on 2026-02-24 approximately 4 hours before removal and had no evidence of actual downloads. There were no crates...

AI score: 5.4 | Exploits: 0

The Hacker News
added 2026/01/15 3:9 p.m. | 7 views

Researchers Reveal Reprompt Attack Allowing Single-Click Data Exfiltration From Microsoft Copilot

Cybersecurity researchers have disclosed details of a new attack method dubbed Reprompt that could allow bad actors to exfiltrate sensitive data from artificial intelligence (AI) chatbots like Microsoft Copilot in a single click, while bypassing enterprise security controls entirely. "Only a single...

AI score: 7 | Exploits: 0

NVD
added 2025/12/17 5:15 p.m. | 7 views

CVE-2025-20393

A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges. This vulnerability is due...

CVSS: 10 | EPSS: 0.06476
Exploits: 2 | References: 2

HackRead
added 2025/12/01 6:29 p.m. | 2 views

Coupang Data Breach Affects All 33.7 Million South Korean Accounts

Coupang confirms a data breach affecting 33.7 million users in South Korea, exposing names, contacts and order details. Investigation is ongoing...

AI score: 7 | Exploits: 0

CVE
added 2025/11/29 3:6 a.m. | 7 views

CVE-2025-66289

Summary: CVE-2025-66289 affects OrangeHRM versions 5.0–5.7, where sessions are not invalidated when a user is disabled or a password changes, allowing active session cookies to remain valid indefinitely. This enables continued access to protected pages by disabled users or attackers using comprom...

CVSS: 8.8 | AI score: 6.8 | EPSS: 0.00059
Exploits: 0 | References: 1 | Affected Software: 1

HackRead
added 2025/11/17 1:23 a.m. | 2 views

AIPAC Discloses Data Breach, Says Hundreds Affected

AIPAC reports data breach after external system access, hundreds affected, investigation ongoing with added security steps...

AI score: 7 | Exploits: 0

OSSF Malicious Packages
added 2025/11/13 3:23 a.m. | 3 views

Malicious code in debug-user-pipe-sun-simple (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7b956520dade516641ac3e4bf6e4c17f3370f200481d4157d05f06f415cd0915 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

AI score: 6.9 | Exploits: 0

OSSF Malicious Packages
added 2025/10/10 4:7 p.m. | 2 views

Malicious code in react-toast-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d97a357fa8e584e4b5afe4a19068c7294cec8af76786077c6064e611d1aa185 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 6.9
Exploits: 0 | References: 1

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2020-24827

Malware in sbrugna...

CVSS: 7.3 | AI score: 7.3 | EPSS: 0.0025
Exploits: 0 | References: 2