25 Apr, 2026

New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts. The threat was spotted by researchers at application security companies Socket and StepSecurity in multiple packages from Namastex Labs, a company that provides AI-based agentic solutions designed to improve […]

3 mins read

Microsoft Teams to get efficiency mode on PCs with limited resources

Microsoft is preparing to roll out a new Efficiency Mode for Microsoft Teams for systems with limited CPU and memory resources to improve app responsiveness. As the company explained in a Tuesday message center update (MC1287373), this new performance-optimized experience will be enabled by default on eligible devices and will also improve meeting quality by […]

2 mins read

Microsoft traces Universal Print issues to Graph API code change

Microsoft says that an ongoing Universal Print sharing issue that prevents users from creating some printer shares is due to a Microsoft Graph API code change. Universal Print is a cloud-based print solution designed to replace on-premises print server setups and provide Microsoft 365 customers with centralized print management capabilities. After confirming the issue (tracked under UP1287359) on […]

2 mins read

New Mirai campaign exploits RCE flaw in EoL D-Link routers

A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability affecting D-Link DIR-823X routers, to enlist devices into the botnet. CVE-2025-29635 allows an attacker to execute arbitrary commands on remote devices by sending a POST request to a vulnerable endpoint, triggering remote command execution (RCE). Akamai’s SIRT, which detected the Mirai campaign in March […]

2 mins read

Kyber ransomware gang toys with post-quantum encryption on Windows

A new Kyber ransomware operation is targeting Windows systems and VMware ESXi endpoints in recent attacks, with one variant implementing Kyber1024 post-quantum encryption. Cybersecurity firm Rapid7 retrieved and analyzed two distinct Kyber variants in March 2026 during an incident response. Both variants were deployed on the same network, with one targeting VMware ESXi and the other […]

1 min read

New GoGra malware for Linux uses Microsoft Graph API for comms

A Linux variant of the GoGra backdoor uses legitimate Microsoft infrastructure, relying on an Outlook inbox for stealthy payload delivery. The malware is developed by Harvester, an espionage group believed to be state-backed, and is considered highly evasive due to its use of Microsoft Graph API to access mailbox data. Harvester has been active since at least […]

2 mins read

Microsoft releases emergency patches for critical ASP.NET flaw

Microsoft has released out-of-band (OOB) security updates to patch a critical ASP.NET Core privilege escalation vulnerability. The security flaw (tracked as CVE-2026-40372) was found in the ASP.NET Core Data Protection cryptographic APIs, and it could allow unauthenticated attackers to gain SYSTEM privileges on affected devices by forging authentication cookies. Microsoft discovered the flaw following user reports […]

2 mins read

Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks

Over 1,300 Microsoft SharePoint servers exposed online remain unpatched against a spoofing vulnerability that was exploited as a zero-day and is still being abused in ongoing attacks. The security flaw, tracked as CVE-2026-32201, affects SharePoint Enterprise Server 2016, SharePoint Server 2019, and SharePoint Server Subscription Edition (the latest on-premises version, which uses a “continuous update” model). […]

2 mins read

French govt agency confirms breach as hacker offers to sell data

France Titres, the government agency in France for issuing and managing administrative documents, has disclosed a data breach after a threat actor claimed the attack and the theft of citizen data. Also known as Agence nationale des titres sécurisés (ANTS), the administrative body operates under the French Ministry of the Interior, serving as the managing authority for official identity […]

2 mins read

New Lotus data wiper used against Venezuelan energy, utility firms

A previously undocumented data-wiping malware dubbed Lotus was used last year in targeted attacks against energy and utilities organizations in Venezuela. The malware was uploaded to a publicly available platform in mid-December from a machine in Venezuela and has been analyzed by researchers at Kaspersky. Before the crippling stage, the attacker relies on two batch […]

3 mins read