Daily Digest

Critical Supply Chain Attacks on Trivy and Axios Rattle Global Software Industry

Critical Supply Chain Attacks on Trivy and Axios Rattle Global Software Industry

March 31, 2026
4 articles (2 new, 2 updated)
12 min read

Summary

This period saw a dramatic escalation in supply chain attacks, with the widely-used Trivy security scanner and the popular Axios npm package both compromised to distribute malware, impacting countless development pipelines worldwide. Concurrently, the European Commission confirmed a major data breach by the ShinyHunters group, who claim to have exfiltrated over 350GB of sensitive data. New malware threats also emerged, including the 'Infiniti Stealer' targeting macOS and 'DeepLoad' using AI for obfuscation. A critical unpatched vulnerability in PTC Windchill prompted an unprecedented physical police response in Germany, highlighting the severe risk to the manufacturing sector.

Filter by Category

New Articles (2)

'DeepLoad' Malware Leverages AI-Generated Code and ClickFix Social Engineering to Steal Credentials

HIGH

New 'DeepLoad' Malware Campaign Combines AI Obfuscation and 'ClickFix' Delivery to Bypass Defenses

A new malware campaign dubbed 'DeepLoad' is using a potent combination of stealthy delivery and advanced obfuscation to steal credentials from enterprise environments. Researchers at ReliaQuest identified the malware, which is delivered using the 'ClickFix' social engineering technique that tricks users into running malicious commands. What sets DeepLoad apart is its use of what appears to be AI-generated code to create thousands of lines of meaningless variables and functions, effectively hiding its malicious PowerShell loader from static analysis tools and making detection extremely difficult.

March 31, 2026
6 min read
MalwareAIClickFixPowerShellFileless Malware +2 more
'DeepLoad' Malware Leverages AI-Generated Code and ClickFix Social Engineering to Steal Credentials

UK Employee Data Breaches Hit Seven-Year High, Driven by Human Error in Hybrid Work

INFORMATIONAL

Employee Data Breaches in UK Reach Seven-Year High, with Non-Cyber Incidents Surging 15%

Reports of employee data breaches submitted to the UK's Information Commissioner's Office (ICO) have surged to a seven-year high, with 3,872 incidents recorded in 2025. An analysis by law firm Nockolds reveals that while cyber-related incidents fell, non-cyber incidents—primarily driven by human error—jumped by 15%. These errors, such as misaddressing emails or letters and losing paperwork, are being attributed to the complexities of hybrid work environments. The findings underscore the need for organizations to update their data protection policies and training to address the new risks posed by remote and flexible work.

March 31, 2026
5 min read
Data BreachHuman ErrorHybrid WorkICOGDPR +2 more
UK Employee Data Breaches Hit Seven-Year High, Driven by Human Error in Hybrid Work

Updated Articles (2)

Tax Season Phishing Frenzy: Scammers Use IRS and W-2 Lures to Spread Malware

MEDIUM

Microsoft Warns of Surge in Tax-Themed Phishing Campaigns Distributing Malware

Update:

A new report from Proofpoint reveals a significant escalation in tax season cyber threats, with over 100 distinct campaigns observed. Attackers are increasingly using legitimate Remote Monitoring and Management (RMM) tools for persistent access, a shift from traditional malware. Business Email Compromise (BEC) attacks targeting W-2 and W-9 forms are also prevalent. The campaigns have a global reach, impacting countries like Japan, Canada, and Switzerland, and a newly identified actor, TA2730, is active in Asia. This indicates a broader and more sophisticated threat landscape than previously reported.

March 8, 2026
Updated: March 31, 2026
5 min read
PhishingTax SeasonIRSMalwareScreenConnect +3 more
Tax Season Phishing Frenzy: Scammers Use IRS and W-2 Lures to Spread Malware

Ransomware Attack on Spain's Port of Vigo Disrupts Cargo Operations, Forces Manual Processes

HIGH

Ransomware Attack Disrupts Digital Cargo Systems at Spain's Port of Vigo

Update:

This update provides a deeper technical analysis of the Port of Vigo ransomware attack, detailing likely initial access vectors (T1133, T1566), execution, lateral movement, and impact techniques (T1486, T1490). It also outlines cyber observables for detection and enhanced mitigation strategies, including immutable backups and IT/OT convergence security, referencing D3FEND. The article emphasizes the strategic targeting of the maritime sector due to high disruption potential.

March 27, 2026
Updated: March 31, 2026
4 min read
RansomwarePort of VigoSpainMaritime SecurityCritical Infrastructure
Ransomware Attack on Spain's Port of Vigo Disrupts Cargo Operations, Forces Manual Processes

📢 Share This Publication

Help others stay informed about cybersecurity threats

📅 Daily Edition

Curated and deduplicated every day from dozens of trusted sources — giving you one clean, consolidated view of what matters in cybersecurity.

🔢 Deduplication Applied

Related stories are merged into a single evolving article rather than repeated as separate entries — cutting through noise so you only read what's new.

🔗 Full Articles Linked

Every entry links to its full enriched article — complete with MITRE ATT&CK mappings, extracted IOCs, and actionable detection and mitigation guidance.