Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More – CYBERDEFENSA.MX

This week had real hits. The key software got tampered with. Active bugs showed up in the tools people use every day. Some attacks didn’t even need much effort because the path was already there.

One weak spot now spreads wider than before. What starts small can reach a lot of systems fast. New bugs, faster use, less time to react.

That’s this week. Read through it.

⚡ Threat of the Week

Axios npm Package Compromised by N. Korean Hackers—Threat actors with ties to North Korea seized control of the npm account belonging to the lead maintainer of Axios, a popular npm package with nearly 100 million weekly downloads, to push malicious versions containing a cross-platform malware dubbed WAVESHAPER.V2. The activity has been attributed to a financially motivated threat actor known as UNC1069. The incident demonstrates how quickly the compromise of a popular npm package can have ripple effects through the ecosystem. The malware’s self-deleting anti-forensic cleanup points to a deliberate, planned operation. «The build pipeline is becoming the new front line. Attackers know that if they can compromise the systems that build and distribute software, they can inherit trust at scale,» Avital Harel, Security Researcher at Upwind, said. «That’s what makes these attacks so dangerous — they’re not just targeting one application, they’re targeting the process behind many of them. Organizations should be looking much more closely at CI/CD systems, package dependencies, and developer environments, because that’s increasingly where attackers are placing their bets.» Ismael Valenzuela, vice president of Labs, Threat Research, and Intelligence at Arctic Wolf, said the Axios npm compromise reflects a broader trend where attackers infiltrate trusted, widely used software components to obtain access to downstream customers at scale. «Even though the malicious versions were available for only a few hours, Axios is so deeply embedded across enterprise applications that organizations may have unknowingly pulled the compromised code into their environments through build pipelines or downstream dependencies,» Valenzuela added. «That downstream exposure is what makes these incidents particularly difficult to spot and contain, especially for teams that never directly chose to install Axios themselves. This incident reinforces that security teams need to treat build‑time tools and dependencies as part of the attack surface and not just trust tools by default.»
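The downstream exposure Valenzuela describes is easiest to check in the lockfile, because that is where nested, transitively installed copies of a package show up even when nobody added it on purpose. The script below is an added example written for this roundup; it is not code from the article, from Axios, or from npm. It assumes the `package-lock.json` v2/v3 layout (a `packages` map keyed by `node_modules/...` paths), and the deny-listed version strings in it are constructed placeholders, since the article does not list the affected Axios versions.

```python
"""Audit an npm lockfile for copies of a dependency on a deny list.

Added example, not code from the original article, Axios, or npm. It assumes
the package-lock.json v2/v3 layout ("packages" keyed by node_modules path).
The deny-listed versions below are CONSTRUCTED placeholders: the article does
not list the affected Axios versions, so substitute the advisory's values.
"""
import json
import re
import sys

# Placeholder deny list {package: {versions}}; the version strings are made up.
COMPROMISED = {
    "axios": {"9.9.9-example-bad"},
}

# Constructed lockfile: a clean direct Axios install plus a nested copy pulled
# in transitively by a hypothetical dependency "some-sdk". The nested copy is
# the one teams that never installed Axios themselves tend to miss.
SAMPLE_LOCKFILE = json.dumps({
    "name": "demo-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"dependencies": {"axios": "^9.9.0", "some-sdk": "1.2.3"}},
        "node_modules/axios": {"version": "9.9.8"},
        "node_modules/some-sdk": {"version": "1.2.3",
                                  "dependencies": {"axios": "9.9.9-example-bad"}},
        "node_modules/some-sdk/node_modules/axios": {"version": "9.9.9-example-bad"},
    },
})

EXACT_VERSION = re.compile(r"^\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?$")


def package_name(lock_path: str) -> str:
    """'node_modules/a/node_modules/@scope/b' -> '@scope/b'."""
    return lock_path.rsplit("node_modules/", 1)[-1]


def load_lock(lock_text: str) -> dict:
    lock = json.loads(lock_text)
    if lock.get("lockfileVersion", 0) < 2 or "packages" not in lock:
        raise ValueError("expected a lockfileVersion 2 or 3 package-lock.json")
    return lock


def find_compromised(lock_text: str, deny=COMPROMISED):
    """Every installed copy (nested ones included) whose version is deny-listed,
    as (lockfile path, package name, version)."""
    hits = []
    for path, meta in load_lock(lock_text)["packages"].items():
        if not path:            # "" is the root project entry, not a package
            continue
        name, version = package_name(path), meta.get("version")
        if version in deny.get(name, ()):
            hits.append((path, name, version))
    return hits


def unpinned_direct_deps(lock_text: str):
    """Direct dependencies declared as ranges (^, ~, *, ...) rather than exact
    versions. A range is what lets a freshly published malicious release be
    picked up on the next install."""
    root_deps = load_lock(lock_text)["packages"][""].get("dependencies", {})
    return sorted(n for n, spec in root_deps.items() if not EXACT_VERSION.match(spec))


if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LOCKFILE
    for path, name, version in find_compromised(text):
        print(f"DENY-LISTED {name}@{version} at {path}")
    for name in unpinned_direct_deps(text):
        print(f"UNPINNED direct dependency: {name}")
```

Run it as `python audit_lock.py package-lock.json` from the project root; with no argument it audits the constructed sample, where the direct Axios install is clean but the nested copy under `some-sdk` is on the deny list. Lockfile v1 files use a different `dependencies` tree and are rejected rather than silently reporting nothing.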

🔔 Top News

  • Google Patches Actively Exploited Chrome 0-Day—Google released security updates for its Chrome web browser to address 21 vulnerabilities, including a zero-day flaw that it said has been exploited in the wild. The high-severity vulnerability, CVE-2026-5281 (CVSS score: N/A), concerns a use-after-free bug in Dawn, an open-source and cross-platform implementation of the WebGPU standard. Users are advised to update their Chrome browser to versions 146.0.7680.177/178 for Windows and Apple macOS, and 146.0.7680.177 for Linux. Google did not reveal how the vulnerability is being exploited and who is behind the exploitation effort.
  • TrueConf 0-Day Exploited in Attacks Targeting Government Entities in Southeast Asia—Chinese hackers have exploited a zero-day vulnerability in the TrueConf video conferencing software in attacks against government entities in Southeast Asia. The exploited flaw, tracked as CVE-2026-3502 (CVSS score of 7.8), exists because of a lack of integrity checks when fetching application update code, allowing an attacker to distribute a tampered update. «The compromised TrueConf on-premises server was operated by the governmental IT department and served as a video conferencing platform for dozens of government entities across the country, which were all supplied with the same malicious update,» Check Point said. The activity, which began in January 2026, involved the deployment of the Havoc framework. Most infections likely began with a link sent to the victims. TrueConf is used widely across organizations in Asia, Europe, and the Americas, serving about 100,000 organizations globally.
  • Fortinet FortiClient EMS Flaw Under Attack—Fortinet released out-of-band patches for a critical security flaw impacting FortiClient EMS (CVE-2026-35616) that it said has been exploited in the wild. The vulnerability has been described as a pre-authentication API access bypass leading to privilege escalation. Exploitation efforts against CVE-2026-35616 were first recorded against its honeypots on March 31, 2026, per watchTowr. The development comes days after another recently patched, critical vulnerability in FortiClient EMS (CVE-2026-21643) came under active exploitation.
  • Apple Backports DarkSword Fixes to More Devices—Apple expanded the availability of iOS 18.7.7 and iPadOS 18.7.7 to a broader range of devices to protect users from a recently disclosed exploit kit known as DarkSword. The update targets customers whose devices are capable of upgrading to the newest operating system (iOS 26) but have chosen to remain on iOS 18. Backporting a fix to users who could simply upgrade is an unprecedented step for Apple, and the broader availability of the patches underscores the level of threat that malware like DarkSword poses. The fact that a large number of users were still on iOS 18, combined with the leak of a new version of DarkSword on GitHub, pushed Apple to release the fix so that those users can stay protected without updating to iOS 26. The leak is significant because it puts the exploit kit within reach of less technically savvy cybercriminals.
  • ClickFix Attack Leads to DeepLoad Malware—The ClickFix technique is being used to deliver a stealthy malware named DeepLoad that’s capable of stealing credentials and intercepting browser interactions. The malware first emerged on a dark web cybercrime forum in early February 2026, when a threat actor, using the alias «MysteryHack,» advertised it as a «centralized panel for multiple types of malware.» According to ZeroFox, «DeepLoad’s design is explicitly focused on actively facilitating real-time cryptocurrency theft, which almost certainly makes it an attractive malware suite in the cybercrime-as-a-service (CaaS) environment.» The malware has since been distributed to Windows systems through ClickFix under the guise of resolving fake browser error messages. Besides stealing credentials, the malware drops a rogue browser extension to intercept sensitive data and spreads via removable USB drives. DeepLoad’s actual attack logic is buried under layers of obfuscation, raising the possibility that some parts of the malware were developed using an artificial intelligence (AI) model.
  • Claude Code Source Code Leaks—Anthropic acknowledged that internal code for its popular artificial intelligence (AI) coding assistant, Claude Code, had been inadvertently released due to a human error. Essentially, what happened was this: When Anthropic pushed out version 2.1.88 of its Claude Code npm package, it accidentally included a map file that exposed nearly 2,000 source code files and more than 512,000 lines of code. The source code leak has since revealed various features the company appears to be working on or that are built into the service, including an Undercover mode to hide AI authorship from contributions to public code repositories, a persistent background agent called KAIROS, measures to combat distillation attacks, and active monitoring of words and phrases that show signs of user frustration. The leak also quickly escalated into a cybersecurity threat, as attackers pounced on the surge in interest to lure developers into downloading stealer malware.

🔥 Trending CVEs

New vulnerabilities show up every week, and the window between disclosure and exploitation keeps getting shorter. The flaws below are this week’s most critical — high-severity, widely used software, or already drawing attention from the security community.

Check these first, patch what applies, and don’t wait on the ones marked urgent — CVE-2026-35616 (Fortinet FortiClient EMS), CVE-2026-20093 (Cisco Integrated Management Controller), CVE-2026-20160 (Cisco Smart Software Manager On-Prem), CVE-2026-5281 (Google Chrome), CVE-2026-3502 (TrueConf), CVE-2026-27876, CVE-2026-27880 (Grafana), CVE-2026-4789 (Kyverno), CVE-2026-2275, CVE-2026-2285, CVE-2026-2286, CVE-2026-2287 (CrewAI), CVE-2025-14819 (Notepad++), CVE-2026-34714, CVE-2026-34982 (Vim), CVE-2026-33660, CVE-2026-33696 (n8n), CVE-2026-25639 (Axios), CVE-2026-25075 (strongSwan), CVE-2026-34156 (NocoBase), CVE-2026-3308 (Artifex MuPDF), CVE-2026-1579 (PX4 Autopilot), CVE-2026-3991 (Symantec Data Loss Prevention Agent for Windows), CVE-2026-33026 (nginx-ui), CVE-2026-33416, CVE-2026-33636 (libpng), CVE-2026-3775, CVE-2026-3779 (Foxit PDF Editor), CVE-2026-34980, CVE-2026-34990 (CUPS), and CVE-2026-34121 (TP-Link).

🎥 Cybersecurity Webinars

  • Learn How to Close Identity Gaps Using Insights from IT Leaders → Identity programs face rising risk from disconnected apps, manual credentials, and expanding AI access. Based on 2026 insights from 600+ IT and security leaders, this session shows what to measure, fix, and do now to close identity gaps and regain control.
  • Learn How to Build Secure AI Agents Using Identity, Visibility, and Control → AI agents are already being used, but most teams don’t know how to secure them properly. This session shows a clear, practical way to do it using three key ideas: identity, visibility, and control. You will see what real deployment looks like, how to track what agents do, and how to manage their behavior safely. It also explains how to secure AI systems today without waiting for standards to settle.

📰 Around the Cyber World

  • Device Code Phishing Attacks Surge —Device code phishing attacks, which abuse the OAuth device authorization grant flow to hijack accounts, have surged more than 37.5x this year. Push Security said it detected a 15x increase in device code phishing pages at the start of March 2026, indicating that the technique has finally entered mainstream adoption. «The technique tricks a user into issuing access tokens for an attacker-controlled application (not a device, confusingly),» the company said. «Any app that supports device code logins can be a target. Popular examples include Microsoft, Google, Salesforce, GitHub, and AWS. That said, Microsoft is, as always, much more heavily targeted at scale now than any other app.» This has been fueled by the emergence of EvilTokens (aka ANTIBOT), the first reported criminal PhaaS (Phishing-as-a-Service) toolkit that supports device code phishing. EvilTokens features a Cloudflare Workers frontend and a Railway backend for authentication. Early iterations of the PhaaS kit emerged in January 2026. Another closed-source PhaaS kit called Venom offers device code phishing capabilities similar to EvilTokens. Some of the other PhaaS kits that have incorporated this technique include SHAREFILE, CLURE, LINKID, AUTHOV, DOCUPOLL, FLOW_TOKEN, PAPRIKA, DCSTATUS, and DOLCE.
  • LinkedIn Comes Under Scanner for BrowserGate —A newly published report called BrowserGate alleged that Microsoft’s LinkedIn is using hidden JavaScript scripts on its website to scan visitors’ browsers for thousands of installed Google Chrome extensions and collect device data without users’ consent. «LinkedIn scans for over 200 products that directly compete with its own sales tools, including Apollo, Lusha, and ZoomInfo,» the report said. «Because LinkedIn knows each user’s employer, it can map which companies use which competitor products. It is extracting the customer lists of thousands of software companies from their users’ browsers without anyone’s knowledge. Then it uses what it finds. LinkedIn has already sent enforcement threats to users of third-party tools, using data obtained through this covert scanning to identify its targets.» The report also claimed LinkedIn loads an invisible tracking pixel from HUMAN Security, along with a separate fingerprinting script that runs from LinkedIn’s servers and a third script from Google that runs silently on every page load. In response to the findings, LinkedIn told Bleeping Computer it scans for certain extensions that scrape data without members’ consent in violation of its terms of service. The company also claimed the report is from an individual who is «subject to an account restriction for scraping and other violations of LinkedIn’s Terms of Service.»
  • ICE Confirms Use of Paragon Spyware —The U.S. Immigration and Customs Enforcement (ICE) confirmed it uses spyware developed by Paragon to «identify, disrupt, and dismantle Foreign Terrorist Organizations, addressing the escalating fentanyl epidemic and safeguarding national security.» Paragon’s Graphite spyware has been found on the phones of journalists. WhatsApp last year said it disrupted a campaign that deployed the spyware against its users. The governments of Australia, Canada, Cyprus, Denmark, Israel, and Singapore are suspected to be customers of the Israeli company.
  • Ex-Engineer Pleads Guilty to Extortion Campaign —Daniel Rhyne, 59, of Kansas City, Missouri, pleaded guilty to a failed data extortion campaign that targeted his former employer. Rhyne was arrested in September 2024. According to court documents, Rhyne worked as a core infrastructure engineer at a U.S.-based industrial company headquartered in New Jersey. In November 2023, the defendant executed a ransomware attack against the company and sent an extortion email to its employees, threatening to continue shutting down the firm’s servers unless he was paid about 20 Bitcoin, which was valued at $750,000 at the time. Last month, the U.S. Justice Department (DoJ) announced the conviction of Cameron Curry (aka Loot), a 27-year-old from Charlotte, North Carolina, for carrying out a cyber extortion scheme against a D.C.-based international technology company called Brightly Software. «Trial evidence established that Curry misused his position to access the victim company’s personnel and other sensitive corporate records, which he then used to carry out the cyber extortion scheme after he learned that his contract was not going to be renewed and that he would no longer be employed by the company,» the DoJ said. Between December 11, 2023, and January 24, 2024, Curry sent more than 60 emails to company executives and employees, stating he would disclose sensitive information unless he was paid $2.5 million in cryptocurrency. Brightly ended up paying $7,540 in Bitcoin.
  • Residential Proxies Bypass Reputation Systems —Threat intelligence firm GreyNoise’s analysis of 4 billion sessions targeting the edge over a 90-day period from November 29, 2025, to February 27, 2026, found that 39% of unique IP addresses targeting the edge originated from home internet connections, and that 78% vanish before any reputation system can flag them. «78% of residential IPs appear in only 1–2 sessions and are never observed again,» it said. «IP reputation is structurally broken against residential proxies. The rotation rate exceeds the update cycle of any feed-based defense.» This behavior also makes source IPs indistinguishable from a legitimate user’s connection. The data also showed that 0.1% of residential sessions carry exploitation payloads, in contrast to 1.0% from hosting infrastructure, indicating that they are primarily used for network scanning and reconnaissance. The residential proxy traffic is generated by IoT botnets and infected computers, with the networks also resilient against takedown efforts. «After IPIDEA lost 40% of its nodes, operators backfilled within weeks,» GreyNoise said. «Every major takedown produces the same result — temporary disruption, then regeneration.» The company also recommended that «Detection must shift from ‘where is the traffic from?’ to ‘what is the traffic doing?’ Device fingerprinting provides more durable detection because fingerprints survive IP rotation.»
  • Suspected N. Korea Campaign Targets Cryptocurrency Companies Using React2Shell —A new campaign has been observed systematically compromising cryptocurrency organizations by exploiting web application vulnerabilities such as React2Shell (CVE-2025-55182), pillaging AWS tenants with valid credentials, and exfiltrating proprietary exchange software containing hardcoded secrets. «Their targeting spans the crypto supply chain, from staking platforms, to exchange software providers, to the exchanges themselves,» Ctrl-Alt-Intel said. The threat intelligence firm has assessed the activity with moderate confidence to be aligned with North Korean cryptocurrency theft operations.
  • India Extends SIM-Binding Mandate —The Indian government has extended its SIM-binding mandate through December 31, 2026, while shelving plans to require messaging apps to forcibly log out web-based sessions like WhatsApp Web every six hours. The decision comes after the Broadband India Forum, which represents Meta and Google, warned the Department of Telecommunications (DoT) that the directions were unconstitutional. Under the framework announced in November 2025, a messaging app account would be tied exclusively to the physical SIM card during registration. This meant that users could access their messages and other content only when that SIM is present in the device. Companies were given 90 days (i.e., until the end of February 2026) to comply. While SIM binding has been proposed as a way to combat spammers and cross‑border fraud, the move has raised feasibility and user experience concerns. According to Moneycontrol, WhatsApp is said to be beta testing SIM binding on Android.
  • Russian Threat Actors Looking to Regain Access Through Compromised Infrastructure —Russian threat actors like APT28 and Void Blizzard are attempting to regain access to computer systems they previously compromised to check if access is still available and whether the obtained credentials remain valid, CERT-UA has warned. «Unfortunately, these attempts sometimes succeed if the root cause of the initial incident has not been completely eliminated,» the agency said.
  • OkCupid Settles with FTC for Privacy Violations —OkCupid and its owner, Match Group, reached a settlement with the U.S. Federal Trade Commission over allegations that it did not inform its customers that nearly three million user photos were shared with Clarifai, a company that develops AI systems to identify and analyze images and videos. The complaint also accused the dating site of sharing users’ location information and other details without their consent. As part of the settlement, OkCupid and Match did not admit or deny the allegations but agreed to a permanent prohibition that prevents them from misrepresenting how they use and share personal data.
  • New Android Malware Mirax Advertised —A sophisticated new Android banking trojan named Mirax is being advertised as a private malware-as-a-service (MaaS) offering for up to $2,500 per month. The malware enables customers to gain remote control over devices and includes specialized overlays for more than 700 different financial applications to steal credentials and other sensitive information. It can also capture keystrokes, intercept SMS messages, record lock screen patterns, and use the infected device as a SOCKS5 proxy.
  • Venom Stealer Spreads via ClickFix —A new malware-as-a-service (MaaS) platform dubbed Venom Stealer is being sold on cybercrime forums as a subscription ($250/month to $1,800 for lifetime access). It’s marketed as «the Apex Predator of Wallet Extraction.» Unlike other stealers, it automates credential theft and enables continuous data exfiltration. «It builds ClickFix social engineering directly into the operator panel, automates every step after initial access, and creates a continuous exfiltration pipeline that does not end when the initial payload finishes running,» BlackFog said. The development coincides with a new ClickFix variant that replaces PowerShell with a «rundll32.exe» command to download a DLL from an attacker-controlled WebDAV resource. The attack leads to the execution of a secondary loader called SkimokKeep, which then downloads additional payloads, while incorporating anti-sandboxing and anti-debugging mechanisms. In the meantime, recent ClickFix campaigns have also leveraged searches for installation tutorials for OpenClaw, Claude, and other AI tools, as well as for common macOS issues to push stealer malware like MacSync.
  • More Information Stealers Spotted —Speaking of stealers, recent campaigns have also been observed using procurement-themed email lures and fake Homebrew install guides served via sponsored search results to deliver Phantom Stealer and SHub Stealer. Some other newly discovered infostealer malware families include Storm, MioLab, and Torg Grabber. In a related development, CyberProof said it observed a surge in PXA Stealer activity targeting global financial institutions during Q1 2026. Another malware that has gained notoriety is BlankGrabber, which is distributed through social engineering and phishing campaigns. Data gathered by Flare shows that a single stealer log can be devastating, with individual logs containing up to 1,381 pieces of personally identifiable information. In an analysis published by Whiteintel last month, the company found that a single careless download of cracked software by one employee can hand criminal groups direct access to an entire corporate network in under two days. «An employee downloads cracked software on Tuesday afternoon,» it said. «By Thursday morning, their credentials are listed on the Russian Market for $15. Corporate VPN access, AWS credentials, session tokens that bypass MFA – all packaged and ready for purchase.»
  • Phishing Campaign Targets Philippine Banking Users —An ongoing phishing campaign targeting major banks in the Philippines is using email phishing via compromised accounts as the initial vector to harvest online banking credentials and one-time passwords (OTPs) for financial fraud. According to Group-IB, the campaign began in early 2024, distributing over 900 malicious links as part of the coordinated scheme. Clicking on the link embedded in the email message triggers a redirection chain that uses trusted services like Google Business, AMP CDN, Cloudflare Workers, and URL shorteners before taking the victims to the final landing page. «The campaign enables real-time financial fraud by bypassing MFA mechanisms through the theft of valid One-Time Passwords (OTP), allowing attackers to perform unauthorized fund transfers,» the company said. «Telegram bots were used as exfiltration channels, enabling threat actors to automatically collect victims’ login information in real time.» The activity has been attributed to a threat group called PHISLES.
  • Chrome Extension Harvests ChatGPT Conversations —A malicious Chrome extension, named «ChatGPT Ad Blocker» (ID: ipmmidjikiklckbngllogmggoofbhjikgb), found on the Chrome Web Store masquerades as an ad-blocking tool for the AI chatbot, but contains functionality to «steal the user’s ChatGPT conversations data by systematically copying the HTML page and sending it to a webhook on a private Discord channel,» DomainTools said.
  • Iran Conflict Triggers Espionage Activity in Middle East —In the aftermath of the U.S.-Israel-Iran conflict, Proofpoint said it has recorded an increase in campaigns from state-sponsored threat actors likely affiliated with China (UNK_InnerAmbush, which uses phishing emails to deliver Cobalt Strike payloads), Belarus (TA473, which has used HTML attachments in emails for reconnaissance), Pakistan (UNK_RobotDreams, which has sent spear-phishing emails to India-based offices of Middle East government entities to deliver a Rust backdoor), and Hamas (TA402, which has used compromised Iraq government email addresses to conduct Microsoft account credential harvesting) targeting Middle East government organizations. The enterprise security company said it also identified the Charming Kitten actor targeting a think tank in the U.S. to trick recipients into entering their Microsoft account credentials. One activity cluster that remains unattributed is UNK_NightOwl. Its email messages include a domain that spoofed Microsoft OneDrive, leading the victim to a credential harvesting page. If the user enters credentials and clicks the sign-in button, the target is redirected to «hxxps://iran.liveuamap[.]com/,» a legitimate open-source platform called Liveuamap with news updates on the Middle East conflict.
  • U.K. Warns of Messaging App Targeting —The U.K. National Cyber Security Centre (NCSC) became the latest cybersecurity agency to warn of malicious activity on messaging apps like WhatsApp, Messenger, and Signal, where threat actors could trick high-risk individuals into sharing their login or account recovery codes, or into linking an attacker-controlled device to their accounts.
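The device code phishing item above notes that the flow issues tokens to an attacker-controlled application rather than a device, so the defender's signal is the sign-in record itself: a device-code authentication to an app the tenant does not normally use that way, or several users completing one from the same source in a short window. The detector below is an added example for this roundup, not code from Push Security or Microsoft. It assumes Entra ID style sign-in records with the fields `userPrincipalName`, `appDisplayName`, `authenticationProtocol`, `ipAddress` and `createdDateTime` (treat those names as an assumption and map them to your own export); the log lines and the expected-app list are constructed.

```python
"""Flag OAuth device-code sign-ins in Entra ID style sign-in records.

Added example, not part of the original article. The field names
(userPrincipalName, appDisplayName, authenticationProtocol, ipAddress,
createdDateTime) are assumed to match the Entra sign-in log schema; adjust
them for your export. The records below are constructed.
"""
import json
from collections import defaultdict
from datetime import datetime, timedelta

# Apps whose device-code use is expected in this hypothetical tenant, for
# example a CLI that legitimately relies on the device authorization grant.
EXPECTED_DEVICE_CODE_APPS = {"Contoso Build CLI"}

# Constructed sample: one legitimate CLI login, two different users completing
# device-code sign-ins to Office from the same IP 25 seconds apart (what a
# phishing pipeline looks like), and one ordinary interactive sign-in.
SAMPLE_LOG = """
{"createdDateTime": "2026-03-02T09:01:12Z", "userPrincipalName": "alice@example.test", "appDisplayName": "Contoso Build CLI", "authenticationProtocol": "deviceCode", "ipAddress": "203.0.113.10"}
{"createdDateTime": "2026-03-02T09:03:40Z", "userPrincipalName": "bob@example.test", "appDisplayName": "Microsoft Office", "authenticationProtocol": "deviceCode", "ipAddress": "198.51.100.7"}
{"createdDateTime": "2026-03-02T09:04:05Z", "userPrincipalName": "carol@example.test", "appDisplayName": "Microsoft Office", "authenticationProtocol": "deviceCode", "ipAddress": "198.51.100.7"}
{"createdDateTime": "2026-03-02T09:30:00Z", "userPrincipalName": "dave@example.test", "appDisplayName": "Microsoft Office", "authenticationProtocol": "none", "ipAddress": "192.0.2.44"}
"""


def parse_events(text):
    """One JSON object per line; blank lines are skipped."""
    return [json.loads(line) for line in text.strip().splitlines() if line.strip()]


def _ts(event):
    return datetime.fromisoformat(event["createdDateTime"].replace("Z", "+00:00"))


def device_code_events(events):
    return [e for e in events if e.get("authenticationProtocol") == "deviceCode"]


def suspicious_device_code(events, window=timedelta(minutes=10),
                           expected=EXPECTED_DEVICE_CODE_APPS):
    """Alerts for device-code sign-ins that (a) target an app not on the
    expected list, or (b) come from a source IP used by two or more distinct
    users inside `window`. (b) checks the whole span per IP, which is enough
    for a short export; use a sliding window on large ones."""
    alerts = []
    by_ip = defaultdict(list)
    for e in device_code_events(events):
        if e["appDisplayName"] not in expected:
            alerts.append({"reason": "unexpected_app", "user": e["userPrincipalName"],
                           "app": e["appDisplayName"], "ip": e["ipAddress"]})
        by_ip[e["ipAddress"]].append(e)
    for ip, evs in by_ip.items():
        evs.sort(key=_ts)
        users = {e["userPrincipalName"] for e in evs}
        if len(users) >= 2 and _ts(evs[-1]) - _ts(evs[0]) <= window:
            alerts.append({"reason": "multi_user_same_ip", "ip": ip, "users": sorted(users)})
    return alerts


if __name__ == "__main__":
    for alert in suspicious_device_code(parse_events(SAMPLE_LOG)):
        print(alert)
```

On the constructed sample the CLI login passes, Bob's and Carol's Office sign-ins each raise an `unexpected_app` alert, and their shared source IP raises a `multi_user_same_ip` alert; Dave's interactive sign-in is ignored. The expected-app allowlist is the part that needs tuning per tenant, and it is also where a Conditional Access policy restricting the device code flow would sit upstream of any detection.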
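GreyNoise's point in the residential proxy item above is that a feed keyed on source IP never accumulates enough hits when each IP shows up in only one or two sessions, whereas a client fingerprint survives the rotation. The script below is an added example written for this roundup, not GreyNoise's code or data: it constructs a small batch of edge sessions in which one scanner cycles through residential IPs while keeping the same fingerprint, and shows that per-IP counting lists the wrong party while per-fingerprint behaviour catches the scanner. The fingerprint field is assumed to be a JA3/JA4-style hash from your own sensor; all values are constructed.

```python
"""Score scanning activity by client fingerprint instead of source IP.

Added example, not from the original article or from GreyNoise. The session
records are constructed; the fingerprint is assumed to be a JA3/JA4-style
client hash emitted by your own edge sensor.
"""
from collections import Counter, defaultdict

# Constructed sessions: (src_ip, fingerprint, path, http_status).
# fp-scan-01 rotates through six residential IPs (each seen once or twice)
# probing well-known paths; fp-user-77 is one person browsing normally.
SESSIONS = [
    ("203.0.113.5",   "fp-scan-01", "/.env", 404),
    ("203.0.113.77",  "fp-scan-01", "/wp-login.php", 404),
    ("198.51.100.2",  "fp-scan-01", "/cgi-bin/", 403),
    ("198.51.100.9",  "fp-scan-01", "/admin", 404),
    ("192.0.2.33",    "fp-scan-01", "/.git/config", 404),
    ("192.0.2.34",    "fp-scan-01", "/phpmyadmin", 404),
    ("192.0.2.34",    "fp-scan-01", "/login", 200),
    ("198.51.100.50", "fp-user-77", "/", 200),
    ("198.51.100.50", "fp-user-77", "/login", 200),
    ("198.51.100.50", "fp-user-77", "/dashboard", 200),
    ("198.51.100.50", "fp-user-77", "/dashboard", 200),
]

IP_HIT_THRESHOLD = 3   # sessions an IP must reach before a feed would list it


def ips_that_would_be_listed(sessions, threshold=IP_HIT_THRESHOLD):
    """The IP-reputation view: source IPs with at least `threshold` sessions.
    Rotating scanners never reach it; a busy legitimate user does."""
    counts = Counter(ip for ip, *_ in sessions)
    return {ip for ip, n in counts.items() if n >= threshold}


def fingerprint_profiles(sessions):
    """Per-fingerprint behaviour: distinct IPs, distinct paths, and how many
    requests failed (4xx on probe paths is the signature of reconnaissance)."""
    prof = defaultdict(lambda: {"ips": set(), "paths": set(), "total": 0, "errors": 0})
    for ip, fp, path, status in sessions:
        p = prof[fp]
        p["ips"].add(ip)
        p["paths"].add(path)
        p["total"] += 1
        if status >= 400:
            p["errors"] += 1
    return prof


def flag_rotating_scanners(sessions, min_ips=3, min_error_rate=0.5):
    """Fingerprints seen from many IPs whose requests mostly fail, returned as
    (fingerprint, distinct_ip_count, error_rate) sorted by IP count."""
    flagged = []
    for fp, p in fingerprint_profiles(sessions).items():
        rate = p["errors"] / p["total"]
        if len(p["ips"]) >= min_ips and rate >= min_error_rate:
            flagged.append((fp, len(p["ips"]), round(rate, 2)))
    return sorted(flagged, key=lambda t: -t[1])


if __name__ == "__main__":
    print("IP reputation would list:", ips_that_would_be_listed(SESSIONS))
    print("fingerprint behaviour flags:", flag_rotating_scanners(SESSIONS))
```

On the constructed data the IP view lists only the legitimate user's address (four sessions from one IP) and none of the scanner's, while the fingerprint view flags `fp-scan-01` across six IPs with an 86% error rate. In production the thresholds need tuning against your own baseline, and the fingerprint can be any stable client attribute the sensor exposes; the structure of the check is what matters.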

🔧 Cybersecurity Tools

  • Dev Machine Guard → It is an open-source script that scans a developer machine to list installed tools and detect security risks across IDEs, AI agents, extensions, and configurations, without accessing source code or secrets, helping expose gaps traditional tools miss in developer environments.
  • Pius → It is an open-source tool that maps a company’s external attack surface by discovering and cataloging internet-facing assets, helping security teams identify exposure and reconnaissance risks that could be targeted by attackers.

Disclaimer: For research and educational use only. Not security-audited. Review all code before use, test in isolated environments, and ensure compliance with applicable laws.

Conclusion

The lesson is simple. Small things matter. Most issues now start from normal parts of the system, not big, obvious gaps.

Don’t trust anything just because it looks routine. Updates, tools, and background systems can all be used in the wrong way. If it seems low risk, check it again. That’s where the problems are starting now.
