Axios NPM Package Hit by Massive Supply Chain Attack; CISA Orders Urgent Patch for Actively Exploited Citrix Flaw
Summary
A critical 24-hour period in cybersecurity saw a high-impact supply chain attack compromise the widely used 'axios' NPM package, deploying a cross-platform RAT to potentially millions of developers. Concurrently, CISA mandated an emergency patch for an actively exploited Citrix NetScaler vulnerability (CVE-2026-3055). Other major incidents include a sprawling supply chain campaign by 'TeamPCP' hitting security tools like Trivy and Checkmarx, a significant data breach at the European Commission claimed by ShinyHunters, and the emergence of the 'EvilTokens' Phishing-as-a-Service targeting Microsoft 365 accounts. These events highlight escalating threats against software supply chains, critical infrastructure, and cloud services.
Today's New Articles
GitHub Discussions Weaponized to Spread Malware via Fake VS Code Alerts
A large-scale, automated phishing campaign is abusing the GitHub Discussions feature to target developers. Attackers are spamming thousands of repositories with fake security alerts for Microsoft's Visual Studio Code, using fabricated CVEs to create a sense of...
Healthcare IT Firm CareCloud Probes Patient Data Access in EHR Breach
Healthcare technology provider CareCloud is investigating a security breach that gave an unauthorized third party access to one of its electronic health record (EHR) environments for eight hours on March 16, 2026. The company, which serves over 45,000 healthca...
Swiss Critical Infrastructure Hit by 325 Cyberattacks in One Year
The Swiss Federal Office for Cybersecurity has revealed that it received 325 mandatory reports of cyberattacks against the nation's critical infrastructure in the past year, averaging nearly one incident per day. The report, which covers the first year of a ne...
New Phishing-as-a-Service "EvilTokens" Abuses Microsoft's OAuth Device Code Flow
A new and sophisticated Phishing-as-a-Service (PhaaS) platform named EvilTokens is enabling widespread attacks against Microsoft 365 accounts. The service automates the process of stealing access tokens by abusing the legitimate OAuth 2.0 device code authentic...
Chinese-Nexus Actor Exploits TrueConf Zero-Day in "TrueChaos" Campaign
A zero-day vulnerability in the TrueConf video conferencing application, CVE-2026-3502, has been actively exploited in a targeted campaign named 'TrueChaos.' The campaign, attributed with moderate confidence to a Chinese-nexus threat actor, has targeted govern...
Article Updates
Middle East Conflict Amplifies Global Cyber Risks, Reshaping Threat Landscape
Update: A new KELA report reveals Iranian state-sponsored groups are integrating with the cybercrime ecosystem, leveraging ransomware and RaaS affiliates like Pay2Key. This hybrid approach provides plausible deniability for destructive attacks, generates revenue, and...
European Commission Hit by Data Breach; Attacker Claims 350GB Exfiltrated from AWS Cloud
Update: The notorious extortion group ShinyHunters has claimed responsibility for the European Commission's cloud breach, detected on March 24. As proof, the group leaked a 90GB archive of data, purportedly from AWS and NextCloud environments. This leaked data include...