GitGuardian State of Secrets Sprawl 2026: AI, DevOps and the Explosion of Machine Identities

The latest GitGuardian State of Secrets Sprawl 2026 report shows that hardcoded secrets in code and infrastructure are not just a persistent problem – they are accelerating rapidly. In 2025, GitGuardian detected 29 million new secrets on public GitHub, a 34% year‑over‑year increase and the sharpest rise since the report began. Hardcoded secrets on GitHub …

Chinese Cyber Espionage Operation Targets Southeast Asian Government with USB Malware and Advanced RATs

A government organization in Southeast Asia has been hit by a large-scale cyber espionage campaign that Palo Alto Networks’ Unit 42 describes as “sophisticated and well-resourced.” The investigation points to three coordinated activity clusters with links to China-nexus threat actors, working in parallel to achieve long-term access to sensitive government systems. Three Coordinated Threat Clusters …

Iran-Linked Handala Hack Team Targets FBI Email and Stryker in Destructive Cyber Attacks

The Iran-aligned Handala Hack Team, believed to be operating on behalf of Iran’s Ministry of Intelligence and Security (MOIS), has claimed responsibility for breaching the personal email account of senior FBI official Kash Patel and leaking an archive of his messages and files. The incident highlights the growing sophistication of Iranian state-backed cyber operations that …

Citrix NetScaler CVE-2026-3055: Critical SAML IDP Vulnerability Under Active Reconnaissance

A new critical vulnerability in Citrix NetScaler ADC and Citrix NetScaler Gateway, tracked as CVE-2026-3055 with a CVSS score of 9.3, has already drawn the attention of threat actors. Security researchers from Defused Cyber and watchTowr report active internet-wide reconnaissance for vulnerable instances, indicating that attackers are preparing for large-scale exploitation once reliable methods are …

CVE-2025-53521: Critical F5 BIG-IP APM Vulnerability Added to CISA KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw in F5 BIG-IP Access Policy Manager (APM), tracked as CVE-2025-53521, to its Known Exploited Vulnerabilities (KEV) catalog. This confirms the vulnerability is being actively exploited in real-world attacks and significantly raises the urgency for organizations relying on F5 for remote access and …

Apple Issues Urgent Security Warnings Over Coruna and DarkSword iOS Exploits

Apple has begun displaying critical system alerts directly on the lock screen of iPhone and iPad devices running outdated versions of iOS and iPadOS. These prominent warnings inform users that their software is being actively targeted by real-world attacks delivered through malicious web content and urge them to install security updates immediately. What Apple’s Lock …

Telnyx PyPI Supply Chain Attack Uses Audio Steganography to Target Python Developers

A new phase in an ongoing software supply chain attack campaign has compromised the popular Python package Telnyx, with malicious releases published to PyPI. The activity is attributed to the threat group TeamPCP, previously linked to the compromise of tools such as Trivy, KICS and the litellm library. In this incident, the attackers uploaded two …

LangChain and LangGraph Vulnerabilities Expose LLM Applications to Sensitive Data Leaks

Security researchers have disclosed three vulnerabilities in the popular AI development frameworks LangChain and LangGraph that can lead to leakage of filesystem data, environment secrets and user conversation history. These weaknesses affect enterprise deployments of large language model (LLM) applications and demonstrate that AI infrastructure is subject to the same classic security flaws as any …

Axios npm Supply Chain Attack Installs Cross-Platform RAT via Malicious Dependency

The widely used JavaScript HTTP client Axios has been at the center of a significant npm supply chain attack, in which attackers slipped a malicious dependency into selected releases to deploy a cross‑platform remote access trojan (RAT). Given Axios’s more than 83 million weekly downloads, even a short‑lived compromise creates serious systemic risk. Malicious Axios …