Trivy Supply Chain Attack Exposes CI/CD Pipelines; Stryker Hit by Destructive Wiper
Summary
A critical 24-hour period in cybersecurity saw a sophisticated supply chain attack compromise the popular Trivy scanner, injecting credential-stealing malware into CI/CD pipelines globally. Concurrently, medical tech giant Stryker suffered a devastating wiper attack from Iran-linked actors who abused Microsoft Intune to erase 80,000 devices. Other major incidents include the zero-day exploitation of a Cisco firewall flaw by the Interlock ransomware gang, a joint CISA/FBI warning about Russian intelligence phishing campaigns targeting messaging apps, and multiple large-scale data breaches at Aura and Telus Digital.
Today's New Articles
Trivy Open-Source Scanner Backdoored in Major Supply Chain Attack, Secrets at Risk
The widely used open-source security scanner Trivy has been compromised in a sophisticated supply chain attack. Threat actors identified as TeamPCP injected a multi-stage infostealer into official Trivy binaries and GitHub Actions. The breach stemmed from an i...
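Because the compromise reached both release binaries and GitHub Actions, the two checks a pipeline owner wants right now are: which workflow steps reference an action by a mutable tag or branch (a ref an attacker can repoint) rather than an immutable commit SHA, and whether a downloaded scanner binary still matches a checksum recorded before the incident. The script below is an added example written for this digest, not code from the Trivy project or from any of the reports above. The workflow text is constructed, the 40-hex commit SHA in it is a placeholder, and the versions shown are illustrative rather than a claim about which releases were affected; the `uses:` matching is a line regex, not a full YAML parser.

```python
"""Pinning and checksum checks for a GitHub Actions pipeline (added example)."""
import hashlib
import hmac
import re

# One-line `uses:` steps, quoted or not; trailing comments are ignored.
# Constructed for the common form, not a YAML parser.
USES_RE = re.compile(r'^\s*-?\s*uses:\s*["\']?([^"\'\s#]+)["\']?')
FULL_SHA_RE = re.compile(r'^[0-9a-f]{40}$')        # immutable git commit
DIGEST_RE = re.compile(r'^sha256:[0-9a-f]{64}$')   # immutable image digest


def classify_ref(uses: str) -> str:
    """Return 'local', 'pinned' or 'mutable' for one `uses:` value."""
    if uses.startswith("./"):
        return "local"            # in-repo action, versioned with the repo itself
    if "@" not in uses:
        return "mutable"          # no ref at all: resolves to the default branch
    target, ref = uses.rsplit("@", 1)
    if target.startswith("docker://"):
        return "pinned" if DIGEST_RE.match(ref) else "mutable"
    # Tags such as v4 or 0.28.0 can be force-moved by whoever controls the repo;
    # only a full commit SHA names exactly one revision.
    return "pinned" if FULL_SHA_RE.match(ref) else "mutable"


def find_unpinned_actions(workflow_text: str) -> list[tuple[int, str]]:
    """Return (line_number, uses_value) for every step on a mutable ref."""
    findings = []
    for lineno, line in enumerate(workflow_text.splitlines(), start=1):
        m = USES_RE.match(line)
        if m and classify_ref(m.group(1)) == "mutable":
            findings.append((lineno, m.group(1)))
    return findings


def verify_sha256(data: bytes, expected_hex: str) -> bool:
    """Compare a downloaded artifact to a checksum recorded out of band.

    The expected value must come from a source you trusted before the
    incident (a previous lockfile, an internal mirror, a signed release
    note), not from the same download location as the binary.
    """
    actual = hashlib.sha256(data).hexdigest()
    return hmac.compare_digest(actual, expected_hex.lower())


# Constructed sample workflow. The SHA on the setup-go step is a placeholder.
SAMPLE_WORKFLOW = """\
name: scan
on: [push]
jobs:
  trivy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Run Trivy
        uses: aquasecurity/trivy-action@0.28.0
      - uses: actions/setup-go@0123456789abcdef0123456789abcdef01234567  # placeholder SHA
      - uses: ./.github/actions/internal-lint
      - uses: docker://alpine:3.20
"""

# Constructed stand-in for a scanner binary and the checksum recorded for it
# before the incident (here derived from the blob itself, since it is fake).
SAMPLE_BINARY = b"\x7fELF-constructed-stand-in-for-a-trivy-release"
RECORDED_SHA256 = hashlib.sha256(SAMPLE_BINARY).hexdigest()


if __name__ == "__main__":
    for lineno, ref in find_unpinned_actions(SAMPLE_WORKFLOW):
        print(f"line {lineno}: {ref} is not pinned to an immutable ref")
    tampered = SAMPLE_BINARY + b"\x00extra"
    print("recorded binary ok:", verify_sha256(SAMPLE_BINARY, RECORDED_SHA256))
    print("tampered binary ok:", verify_sha256(tampered, RECORDED_SHA256))
```

Run against a real `.github/workflows/` tree, the first function gives the list of steps to repin by SHA (and then to keep updated through a dependency bot rather than by hand). The checksum check is only as good as where `expected_hex` came from: a checksum file served next to a compromised binary would have been replaced along with it.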
Cisco Firewall Zero-Day Exploited by Interlock Ransomware for Over a Month Before Patch
A critical insecure deserialization vulnerability in Cisco's Secure Firewall Management Center (FMC), tracked as CVE-2026-20131, was exploited as a zero-day by the Interlock ransomware gang. Amazon's threat intelligence team discovered that exploitation began...
Identity Protection Firm Aura Ironically Breached via Vishing, 900,000 Records Exposed
In a deeply ironic turn of events, identity theft protection company Aura has confirmed a data breach exposing the records of nearly 900,000 individuals. The incident began with a successful voice phishing (vishing) attack, where an employee was socially engin...
Critical UNISOC Modem Flaw Allows Zero-Click RCE on Millions of Android Phones via Cellular Call
A critical, unpatched vulnerability has been discovered in the modem firmware of several UNISOC chipsets, affecting millions of budget and mid-range Android devices from major brands like Samsung and Motorola. The flaw, an uncontrolled recursion issue (CWE-674...
Nordstrom Email System Hijacked to Blast Crypto Scams, Abusing Salesforce and Okta Integration
The official customer email system of retailer Nordstrom was compromised and used to send fraudulent cryptocurrency scam emails. Attackers leveraged Nordstrom's integration with Salesforce Marketing Cloud and Okta, sending emails from the trusted `nordstrom@em...
Disgruntled Affiliate Leaks 'The Gentlemen' Ransomware Gang's Playbook
The operational playbook of 'The Gentlemen,' a nascent Ransomware-as-a-Service (RaaS) operation, has been leaked by a disgruntled affiliate known as 'hastalamuerte'. The leak, stemming from a financial dispute, provides a rare, unfiltered look into the group's...
Critical ConnectWise ScreenConnect Flaw (CVE-2026-3564) Allows Session Hijacking
ConnectWise has patched a critical cryptographic vulnerability in its ScreenConnect remote access software, tracked as CVE-2026-3564. The flaw, which affects all versions prior to 26.1, allows an unauthenticated attacker to extract unique ASP.NET machine keys...
Microsoft Teams Phishing Campaign Uses Quick Assist to Deploy 'A0Backdoor' Malware
A social engineering campaign is targeting enterprise users on Microsoft Teams to deploy a malware strain named 'A0Backdoor'. Reported on March 20, 2026, the attack begins with attackers contacting employees directly on Teams. They then trick the target into g...
International Law Enforcement Operation Dismantles Major IoT DDoS Botnets
A coordinated international law enforcement operation involving the U.S., Canada, and Germany has successfully disrupted the command-and-control (C2) infrastructure of several major IoT botnets. The operation, reported on March 20, 2026, targeted the Aisuru, K...