Supply Chain Attacks Cripple EU Commission and Axios; Google Patches Actively Exploited Chrome Zero-Day

Publication Date: April 4, 2026

Summary

The cybersecurity landscape for April 3-4, 2026, was dominated by a surge in sophisticated supply chain attacks and critical zero-day exploits. The European Commission disclosed a major breach originating from a compromised version of the Trivy vulnerability scanner, while the popular Axios NPM package was hijacked by North Korean actors to distribute malware. Concurrently, Google issued an emergency patch for an actively exploited zero-day in Chrome (CVE-2026-5281). Other significant events include a Chinese APT exploiting a TrueConf zero-day (CVE-2026-3502) to target Asian governments, Russian hackers revisiting old breaches in Ukraine, and a wiper attack on medical giant Stryker, highlighting persistent threats across government, software supply chains, and critical infrastructure.

Today's New Articles

Russian APTs Re-Exploiting Past Breaches for Renewed Attacks in Ukraine

Ukraine's computer emergency response team, CERT-UA, has issued a warning that Russian state-sponsored hacking groups like APT28 (Fancy Bear) and Void Blizzard are systematically revisiting networks they have previously compromised. This new tactic focuses on...


Hims & Hers Faces Class Action Probe After Third-Party Vendor Breach

Telehealth company Hims & Hers, Inc. is under investigation for a data breach that originated from its third-party customer service provider, Zendesk. An unauthorized user gained access to the Zendesk platform between February 4 and February 7, 2026, exposing...


Cyberattack Disrupts Emergency Communications in Massachusetts Towns

A cyberattack beginning April 2, 2026, has impacted the Patriot Regional Emergency Communications Center, which provides 911 dispatch services for several towns in northern Massachusetts. The attack has disrupted town and public safety computer systems, taking...


Researchers Gain Access to Hacker Dashboard in React2Shell Campaign

Researchers at Cisco Talos gained access to the operational dashboard of a threat group, UAT-10608, that is actively exploiting the React2Shell vulnerability (CVE-2025-55182) in Next.js applications. A security lapse in the attackers' own infrastructure left a...


Traffic Violation Scams Leverage QR Codes to Harvest Financial Data

A new wave of phishing scams is using QR codes embedded in fake traffic violation notices to trick victims into visiting malicious websites. This tactic bypasses user suspicion of malicious links in text messages and leverages the authority of government imper...

Article Updates

Chinese Hackers Exploit TrueConf Zero-Day in 'Operation TrueChaos'

Update: The zero-day vulnerability, CVE-2026-3502, exploited by a Chinese APT in 'Operation TrueChaos' targeting TrueConf, has been added to CISA's Known Exploited Vulnerabilities (KEV) catalog. This inclusion signifies that the vulnerability is actively being exploit...


EU Commission Suffers Major Data Breach; TeamPCP Hackers Blamed for 92GB Data Heist

Update: The 91.7 GB of compressed data exfiltrated from the European Commission's AWS environment by TeamPCP, which included sensitive email communications and personal information, has now been put up for sale on a dark web forum. The notorious data broker ShinyHunte...


NightSpire Ransomware Claims Attack on French Org, Threatens to Leak Audit Data

Update: Further analysis of the NightSpire ransomware attack on Association OCACIA has revealed additional potential MITRE ATT&CK TTPs, including T1190 (Exploit Public-Facing Application), T1566 (Phishing), T1087 (Account Discovery), T1018 (Remote System Discovery), T...