> TritonInfoSec News

# Archive

Browse past daily curated stories

Mar 22 Mar 21 Mar 20 Mar 19 Mar 18 Mar 17 Mar 16 Mar 15 Mar 14 Mar 13 Mar 12 Mar 11 Mar 10 Mar 09 Mar 08 Mar 07 Mar 06 Mar 05 Mar 04 Mar 03 Mar 02 Mar 01 Feb 28 Feb 27 Feb 26 Feb 25 Feb 24 Feb 23 Feb 21 Feb 20

Sunday, March 22, 2026

  1. 1
    0
    BleepingComputer general
    Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

    The Trivy vulnerability scanner suffered a supply-chain attack by threat actors TeamPCP, who compromised official releases and GitHub Actions to distribute credential-stealing malware. This attack impacted the widely-used open-source scanner maintained by Aqua Security, demonstrating how critical security tools can become vectors for further compromise.

  2. 2
    0
    The Hacker News general
    Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

    Following the Trivy scanner compromise, the same attackers deployed CanisterWorm, a self-propagating worm that infected 47 npm packages using ICP canisters (smart contracts on the Internet Computer Protocol). The malware demonstrates sophisticated supply chain attack techniques by leveraging tamperproof smart contracts for persistence and propagation across the JavaScript ecosystem.

  3. 3
    0
    The Hacker News general
    Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

    Oracle released an emergency patch for CVE-2026-21992, a critical vulnerability with CVSS score 9.8 affecting Identity Manager and Web Services Manager that enables unauthenticated remote code execution. The flaw is remotely exploitable without authentication, making it a high-priority target for attackers seeking to compromise Oracle enterprise environments.

  4. 4
    0
    The Hacker News general
    CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026

    CISA added five vulnerabilities to its Known Exploited Vulnerabilities catalog, including CVE-2025-31277 (CVSS 8.8) affecting Apple products, with federal agencies required to patch by April 3, 2026. The additions include flaws in Craft CMS and Laravel Livewire, indicating active exploitation against these platforms in the wild.

  5. 5
    0
    The Hacker News general
    FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks

    FBI and CISA warn that Russian Intelligence Services are conducting phishing campaigns targeting WhatsApp and Signal accounts belonging to high-value intelligence targets. The attacks aim to compromise commercial messaging applications to gain control of accounts used by individuals with significant intelligence value, representing a shift toward targeting secure communication platforms.

  6. 6
    0
    The Hacker News general
    DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks

    The Department of Justice disrupted four major IoT botnets (AISURU, Kimwolf, JackSkid, and Mossad) that compromised 3 million devices and enabled record-breaking 31.4 Tbps DDoS attacks. The international operation involved authorities from Canada and Germany targeting the botnet operators and their command-and-control infrastructure.

  7. 7
    0
    SecurityWeek general
    Critical Quest KACE Vulnerability Potentially Exploited in Attacks

    Quest KACE vulnerability CVE-2025-32975 may have been exploited in attacks against the education sector, with the flaw potentially enabling significant compromise of network management systems. The vulnerability affects Quest's KACE systems management appliance used widely in educational environments for device management and security.

  8. 8
    0
    SecurityWeek general
    US Confirms Handala Link to Iran Government Amid Takedown of Hackers’ Sites

    The US confirmed links between the Handala hacking group and the Iranian government while seizing several domains used for cyber-enabled psychological operations. This action represents a significant attribution and disruption effort against Iranian state-sponsored cyber activities targeting US interests and allies.

  9. 9
    0
    BleepingComputer general
    Police take down 373,000 fake CSAM sites in Operation Alice

    Operation Alice shut down over 373,000 dark web sites offering fake child sexual abuse material packages in an international law enforcement action. The operation targeted one of the largest known networks of fraudulent platforms designed to scam users seeking illegal content while gathering intelligence on potential offenders.

  10. 10
    0
    SecurityWeek general
    Navia Data Breach Impacts 2.7 Million

    Navia suffered a data breach between late December 2025 and mid-January 2026 affecting 2.7 million individuals, with hackers stealing personal and health plan information from the benefits administration company. The breach highlights ongoing risks to healthcare-related data managed by third-party administrators serving multiple organizations.