Trivy vulnerability scanner backdoored with credential stealer in supply chain attack
Attackers have compromised the widely used open-source Trivy vulnerability scanner, injecting credential-stealing malware into official releases and GitHub Actions used...
Fake ‘Trusted Sender’ Labels Misused in New Apple Mail Phishing Scheme
Fake “trusted sender” labels can mislead users, as scammers embed them into email bodies to disguise phishing emails and create a false sense of...
AI Factories, Security Flaws, and Workforce Shifts Define This Week in Tech
See what you missed in Daily Tech Insider from March 16–20.
The post AI Factories, Security Flaws, and Workforce Shifts Define This Week in Tech...
CVE-2026-26118 Azure MCP Server Tools Elevation of Privilege Vulnerability
Added products to the Security Updates table that document the various packaging methods used to deliver Azure MCP Server Tools. - Read more
mod_gnutls Multiple Vulnerabilities
mod_gnutls Multiple Vulnerabilities Multiple vulnerabilities exist in mod_gnutls. CVE-2026-33307 Stack-based Buffer Overflow in Client Certificate Chain Processing CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (7.5)A client certificate chain with more than 8...
Russian Intelligence Services Target Commercial Messaging Application Accounts
CISA and the Federal Bureau of Investigation released a Public Service Announcement (PSA) warning about ongoing phishing campaigns by cyber actors associated with the...
UK Cyber Monitoring Centre plans expansion in US amid risk of Category 5 attack
Organisations lulled into a false sense of security after Russian invasion of Ukraine are still at risk of a Category 5 attack in 2026...
Hackers Exploit Critical Langflow Bug in Just 20 Hours
Sysdig details how threat actors exploited a critical CVE in Langflow in less than a day - Read more
NCA Boss Warns That Teens Are Being “Radicalized” Into Cybercrime Online
The National Crime Agency’s director general warns that technology is rapidly reshaping crime - Read more
Latest article
Microsoft Defender Mistakenly Flags DigiCert Root Certificates as Malware
Microsoft Defender triggered widespread false positive alerts after a faulty security update caused it to flag two legitimate DigiCert root certificates as malicious, potentially...
CVE-2025-9403 jqlang jq JSON jq_test.c run_jq_tests assertion
Information published. - Read more
ZenBusiness – 5,118,184 breached accounts
In March 2026, the hacker and extortion group "ShinyHunters" claimed to have obtained a substantial corpus of data from ZenBusiness, a business formation and...
Microsoft Shell Spoofing Zero-day Vulnerability
What is the Attack? A newly disclosed vulnerability, CVE-2026-32202, has emerged...
