Security Articles

21 min read

⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More

This week's cybersecurity recap covers supply chain attacks, botnet takedowns, and rapidly weaponized vulnerabilities across multiple platforms.

11 min read

We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with Them

XM Cyber's threat research team identified eight validated attack vectors targeting AWS Bedrock's permissions, configurations, and integrations.

Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware

Microsoft has warned of multiple tax-season phishing campaigns targeting over 29,000 users across 10,000 organizations, deploying RMM malware for persistent access.

71 min read

Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper

This article covers a supply chain attack on Trivy, an open-source vulnerability scanner by Aqua Security, leading to widespread compromise across developer environments.

Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems

Threat actors are actively exploiting CVE-2025-32975 (CVSS 10.0), an authentication bypass flaw in Quest KACE Systems Management Appliance (SMA), to hijack administrative accounts.

Spring

Spring Cloud Config 5.0.2, 4.3.2, 4.2.6, 4.1.9, 3.1.13 Released, includes fix for CVE-2026-22739

Spring Cloud Config has released multiple patched versions (5.0.2, 4.3.2, 4.2.6, 4.1.9, 3.1.13) addressing a security vulnerability.

61 min read

FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks

The FBI and CISA warn that Russian intelligence-affiliated threat actors are conducting mass phishing campaigns targeting Signal and WhatsApp accounts of high-value individuals.

41 min read

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

Oracle has patched a critical unauthenticated remote code execution vulnerability (CVE-2026-21992) affecting Oracle Identity Manager and Web Services Manager.

CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026

CISA added five actively exploited vulnerabilities in Apple, Craft CMS, and Laravel Livewire to its KEV catalog, requiring federal agencies to patch by April 3, 2026.

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

A supply chain attack on the Trivy scanner has spawned a self-propagating npm worm called CanisterWorm, affecting 47 packages across multiple scopes.

Rust

02 min read