Supply Chain Attacks and Critical Zero-Days Rattle Global Infrastructure

Publication Date: April 5, 2026

Summary

This edition covers a tumultuous period in cybersecurity for April 5, 2026, dominated by sophisticated supply chain attacks and the active exploitation of critical zero-day vulnerabilities. The European Commission and AI firms like Meta suffered major data breaches originating from compromised open-source tools including Trivy and LiteLLM, with threat actor TeamPCP implicated in both. Concurrently, Fortinet and Google scrambled to patch actively exploited zero-days in FortiClient EMS (CVE-2026-35616) and the Chrome browser (CVE-2026-5281), both added to CISA's KEV catalog. Critical infrastructure also came under fire, with CISA issuing an emergency directive to decommission medical IoT gateways due to the 'Vitals Vapor' exploit, and Australian water facilities thwarting an attack on their control systems.

Today's New Articles

Fortinet Scrambles to Patch Actively Exploited FortiClient EMS Zero-Day (CVE-2026-35616)

Fortinet has released an emergency hotfix for a critical zero-day vulnerability, CVE-2026-35616, affecting its FortiClient Endpoint Management Server (EMS). The flaw, rated 9.1 on the CVSS scale, is an improper access control issue that allows an unauthenticat...


Hong Kong Hospital Authority Apologizes for Data Leak Affecting 56,000 Patients

The Hong Kong Hospital Authority (HA) is investigating a major data breach that exposed the sensitive personal and medical information of over 56,000 patients from its Kowloon East hospital cluster. The data, including HKID numbers and surgical details, was di...


Anthropic Accidentally Leaks 'Claude Code' AI Source Code in Packaging Error

AI research company Anthropic experienced a significant intellectual property leak after the full source code for its flagship 'Claude Code' AI tool was accidentally published. The leak was caused by a packaging error where a JavaScript source map file, includ...


Hyderabad Police Warn of WhatsApp Impersonation Fraud Leading to Major Corporate Losses

Police in Hyderabad, India, have issued an alert about a sophisticated new fraud scheme targeting corporations. The multi-stage attack begins with a phishing email that installs remote access malware on an employee's computer. The criminals then wait for an ac...


Trend Micro Uncovers Coordinated Malware Campaigns Targeting Seven Indian Banks

Cybersecurity firm Trend Micro has identified a large-scale, coordinated phishing campaign targeting the customers of seven major banks in India. The attackers are using five distinct families of banking malware to steal credit card data and personal credentia...


Novel AI 'Feedback Loop' Attack Triggers 4-Hour Market Freeze at Financial Hub

A major global financial hub experienced a four-hour market freeze due to a novel cyberattack that turned an AI-powered defense system against itself. Attackers generated millions of fake, low-grade security alerts, overwhelming the institution's AI-driven Sec...


CISA Mandates Decommission of Medical IoT Gateways Due to 'Vitals Vapor' Zero-Day

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Emergency Directive 26-03, ordering the immediate decommissioning of specific legacy embedded IoT gateways used in medical facilities. The urgent action responds to a new zero-day expl...


Australian Water Treatment Facilities Thwart Coordinated PLC Cyberattack

Multiple municipal water treatment facilities in Australia were the target of a coordinated cyberattack aimed at their chemical feed Programmable Logic Controllers (PLCs). The attackers attempted to breach the industrial control systems to override safety thre...

Article Updates

Lapsus$ Claims Theft of 4TB of Data from AI Firm Mercor in LiteLLM Supply Chain Attack

Update: Meta has halted its partnership with AI data contracting startup Mercor following the LiteLLM supply chain attack. The breach, attributed to TeamPCP, exposed highly sensitive and proprietary AI training data and methodologies belonging to Mercor's high-profile...


Cisco Patches Critical Unauthenticated RCE Flaw in Smart Software Manager

Update: Cisco has issued a broader security advisory, now encompassing critical vulnerabilities in its Integrated Management Controller (IMC) in addition to Smart Software Manager On-Prem (SSM On-Prem). The new advisory covers a wider range of affected products, inclu...


EU Commission Hacked via Compromised Trivy Scanner in Major Supply Chain Attack

Update: The European Commission data breach update reveals that the Trivy scanner was compromised through its GitHub CI/CD pipeline. Attackers exfiltrated 92 GB of compressed data, which is now confirmed to be 340 GB uncompressed. The notorious ShinyHunters group publ...


Hims & Hers Faces Class Action Probe After Third-Party Vendor Breach

Update: New information reveals the Hims & Hers data breach was executed by the notorious ShinyHunters extortion group. The attackers gained unauthorized access to the company's Zendesk instance by compromising an Okta single sign-on (SSO) account, leveraging techniqu...