Mallory

Breaking News

New and updated threat intelligence stories from the last 48 hours, tracked and analyzed by Mallory.

New

Vercel Confirms Breach After Threat Actor Offers Alleged Stolen Data for Sale

Vercel confirmed a security incident involving unauthorized access to certain internal systems after a threat actor using the name **ShinyHunters** claimed to be selling allegedly stolen company data on a hacking forum. The company said only a limited subset of customers was affected, its services remain operational, and it has engaged incident response experts, notified law enforcement, and is working directly with impacted customers. The actor claimed the stolen data included access keys, source code, database data, internal deployment access, and API keys, and shared a text file with 580 employee-related records along with a screenshot purportedly showing an internal Vercel Enterprise dashboard. Vercel advised customers to review environment variables and rotate secrets if necessary, while the authenticity of the leaked materials and the attribution to **ShinyHunters** remained unverified; the actor also claimed on Telegram that a **$2 million** ransom demand had been discussed with the company.

Created: Apr 19, 2026 | Updated: Apr 20, 2026
Latest Timeline Events
  • Apr 20, 2026: Vercel links breach to compromised OAuth app and Context.ai account access
  • Apr 19, 2026: Vercel confirms security incident affecting internal systems

Arbitrary JavaScript Execution Flaw in protobufjs via Malicious Protobuf Definitions

A vulnerability in the npm package **`protobufjs`** allows arbitrary JavaScript execution when an application processes attacker-controlled protobuf definition files. The flaw, tracked as **`GHSA-xq3m-2v4x-88gg`**, stems from unsafe handling of protobuf **`type`** fields, which can be compiled into executable JavaScript and triggered during object decoding, creating a path to remote code execution in affected deployments. The issue affects **`protobufjs`** versions up to **`8.0.0`** and **`7.5.4`**, and has been fixed in **`8.0.1`** and **`7.5.5`**. A published proof of concept shows a malicious JSON descriptor invoking Node.js **`child_process`** during decode, underscoring the risk for applications that ingest untrusted schema or descriptor data. Organizations using `protobufjs` should upgrade to the patched releases and review whether external parties can supply protobuf definitions.

Created: Apr 18, 2026 | Updated: Apr 20, 2026
Latest Timeline Events
  • Apr 16, 2026: protobufjs fixes released in versions 8.0.1 and 7.5.5
  • Apr 16, 2026: Arbitrary code execution flaw disclosed in protobufjs

RCE in Sagredo qmail Fork via MX Hostname Shell Injection

A high-severity vulnerability tracked as **CVE-2026-41113** allows remote code execution in the `sagredo-dev/qmail` fork by injecting shell metacharacters into MX hostnames processed by `qmail-remote`. The flaw is in the `tls_quit()` path, where the `notlshosts_auto` feature added in 2024 builds a shell command from attacker-controlled DNS data and executes it with `popen()`. If a target server sends mail to a domain whose DNS is controlled by an attacker, a malicious MX record can trigger command execution as the `qmailr` user when `control/notlshosts_auto` is enabled. The issue affects `sagredo-dev/qmail` versions **v2024.10.26 through v2026.04.02** and was fixed in **v2026.04.07** in commit `749f607`. Public disclosures describe proof-of-concept exploitation using crafted MX values such as `x'\`id>/tmp/pwned\`'y.evil.com`, and the flaw has been assigned a **CVSS 3.1 score of 8.2**. Advisories and follow-on reporting say technical details and exploit code were published alongside the disclosure, increasing the urgency for operators of the Sagredo fork to upgrade immediately.

Created: Apr 18, 2026 | Updated: Apr 19, 2026
Latest Timeline Events
  • Apr 7, 2026: Public disclosure and PoC details published for CVE-2026-41113
  • Apr 7, 2026: Fix released for CVE-2026-41113 in qmail v2026.04.07

Critical RCE and Default Password Flaws Disclosed in Silex SD-330AC and AMC Manager

Two serious vulnerabilities disclosed in Silex Technology's **SD-330AC** and **AMC Manager** expose the devices to remote compromise and unauthorized reconfiguration. The most severe issue, `CVE-2026-32956`, is a **heap-based buffer overflow** in redirect URL processing that can enable **arbitrary code execution** over the network without authentication or user interaction. The flaw is classified as `CWE-122` and carries a critical `CVSS v3.1` vector of `AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H`, indicating that full compromise of confidentiality, integrity, and availability is possible. A second flaw, `CVE-2026-32965`, affects devices left in their **factory-default state** and allows them to be configured with a **null string password**, creating an insecure initialization condition. Classified as `CWE-1188`, the vulnerability is network-accessible and primarily threatens device integrity, with a `CVSS v3.1` vector of `AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N`. The issues were reported through **JPCERT/CC** and published via **JVN** and Silex security advisories in Japanese and English, putting administrators on notice to review exposed deployments and initialization practices.

Created: Apr 20, 2026 | Updated: Apr 20, 2026
Latest Timeline Events
  • Apr 20, 2026: CVE-2026-32959 recorded for Silex SD-330AC and AMC Manager
  • Apr 20, 2026: JVN and Silex advisories publish details for the two vulnerabilities

Edge Regression Breaks Right-Click Paste in Microsoft Teams Desktop

Microsoft confirmed that a recent **Microsoft Edge** update introduced a regression that disables the right-click **Paste** option in the **Microsoft Teams desktop client**, leaving the context-menu entry greyed out for URLs, text, and images. The issue affects **Windows and macOS** systems running Teams desktop version `26072.519.4556.7438`, which relies on an Electron-based framework and the **Edge WebView2** runtime; **Teams for Web** is not affected. Users reported the problem across enterprise and personal accounts, including Teams Free and Insider builds, and Microsoft said reinstalling Teams or clearing its cache does not fix it. The company has identified the cause and is deploying a staged fix while monitoring telemetry, but has not given a firm timeline for full remediation. Until the update reaches affected users, Microsoft is advising use of keyboard shortcuts such as `Ctrl+V` on Windows and `Cmd+V` on macOS and encouraging feedback or service health reports from impacted tenants.

Created: Apr 18, 2026 | Updated: Apr 19, 2026
Latest Timeline Events
  • Apr 16, 2026: Microsoft begins staged rollout of a fix
  • Apr 16, 2026: Microsoft acknowledges Edge-related Teams paste bug

Microsoft Reverts Teams Update After Desktop Client Launch Failures

Microsoft reverted a service update after it caused some **Microsoft Teams desktop client** users to become stuck on the loading screen with the error, “We’re having trouble loading your message. Try refreshing.” The company tracked the disruption as incident `TM1283300`, initially describing it as a transient service infrastructure issue before identifying the root cause as a regression in the Teams client build-caching system that pushed some older desktop builds into an unhealthy state. Microsoft said the impact appears limited to the **desktop client**, with no indication that web or mobile users were affected. The company reported that its automated recovery system helped remediate the issue, then fully rolled back the problematic update and monitored telemetry and customer feedback to confirm recovery. Impacted users were instructed to fully quit and restart Teams so the reverted configuration could propagate, though Microsoft did not disclose how many customers or regions were affected.

Created: Apr 20, 2026 | Updated: Apr 20, 2026
Latest Timeline Events
  • Apr 20, 2026: Microsoft reverts problematic Teams update and issues restart guidance
  • Apr 20, 2026: Microsoft identifies issue and begins automated remediation

Remote Buffer Overflows Disclosed in H3C Magic B1 `/goform/aspForm` Functions

Two high-severity vulnerabilities, **`CVE-2026-6563`** and **`CVE-2026-6581`**, were disclosed in **H3C Magic B1** devices running versions up to **`100R004`**, exposing the products to remotely exploitable buffer overflows. Both flaws reside in the **`/goform/aspForm`** component and are triggered by crafted manipulation of the **`param`** argument, with `CVE-2026-6563` affecting the **`SetAPWifiorLedInfoById`** function and `CVE-2026-6581` affecting **`SetMobileAPInfoById`**.

Created: Apr 19, 2026 | Updated: Apr 20, 2026
Latest Timeline Events
  • Apr 19, 2026: CVE-2026-6563 disclosed for H3C Magic B1 buffer overflow
  • Apr 19, 2026: CVE-2026-6581 disclosed for H3C Magic B1 buffer overflow

Updated

TeamPCP Supply Chain Breaches Expand Into Ransomware-Linked OSS Campaign

TeamPCP has expanded a multi-ecosystem software supply chain campaign that compromised open-source security and developer tools including **Trivy**, **Checkmarx KICS**, **LiteLLM**, **Telnyx**, GitHub Actions, OpenVSX extensions, Docker images, and packages published through **PyPI** and **npm**. Reporting indicates the attackers used stolen developer and publishing credentials to push malicious releases through trusted channels, harvest environment variables, shell histories, cloud credentials, and GitHub tokens, and move laterally across CI/CD environments. In the Telnyx incident, valid credentials were reportedly used to publish malicious PyPI releases, with a second-stage payload hidden in a WAV file and code triggered on import. The campaign is now being linked to follow-on ransomware activity through an alleged partnership between TeamPCP and the **Vect** ransomware group, which has been advertised on BreachForums as an emerging ransomware-as-a-service operation. Researchers say the supply chain compromises may serve as initial access for extortion campaigns against downstream organizations, with TeamPCP reportedly recruiting negotiators after the Trivy breach and previously exfiltrating roughly **300 GB** of compressed credentials; the LiteLLM compromise alone was tied to hundreds of thousands of stolen credentials. The incidents underscore how compromised open-source tooling and CI/CD infrastructure can give attackers privileged enterprise access and create a path from package poisoning to ransomware deployment.

Created: Mar 26, 2026 | Updated: Apr 19, 2026
Latest Timeline Events
  • Apr 15, 2026: Vect leak site publishes first victim from TeamPCP-linked extortion campaign
  • Apr 8, 2026: CISA KEV deadline for CVE-2026-33634 passes without standalone TeamPCP advisory

North Korea-Linked Threat Activity and Reporting on Lazarus, IT Worker Schemes, and Related Malware

Multiple reports and threat-intel posts highlighted **North Korea-linked cyber activity** spanning social engineering, malware, and broader ecosystem analysis. AllSecure described an attempted compromise of a CEO via a **fake LinkedIn job interview** attributed to **Lazarus** tradecraft (tagged *BeaverTail* / *Contagious Interview*), indicating continued use of recruiter-style lures and developer tooling themes (e.g., *VSCode*) to gain execution on target systems. Separately, eSentire published technical analysis on the **DEV#POPPER remote access trojan** and associated **OmniStealer** activity, framing it as DPRK-linked malware and providing defensive guidance for organizations facing this threat class. Additional DPRK-focused intelligence covered both strategic and operational dimensions. Google’s *Cloud Threat Horizons Report H1 2026* discussed cloud-focused threat activity and tracked DPRK-linked clusters (including **UNC4899** and **UNC5267**), while Logpresso published an OSINT report on **DPRK remote IT worker** infiltration tactics (fraudulent employment/contractor placement). NKInternet released a catalog-style overview of **North Korea’s software export ecosystem**, and RedAsgard’s “Hunting Lazarus” series contributed hands-on investigative detail into Lazarus operator artifacts. A separate Lazarus threat-actor profile page aggregated historical reporting and statistics, but did not add a discrete new incident beyond compilation.

Created: Mar 11, 2026 | Updated: Apr 20, 2026
Latest Timeline Events
  • Apr 20, 2026: FalconFeeds reports UNC1069 deepfake campaign targeting crypto and supply chains
  • Apr 17, 2026: Researcher claims DPRK-linked IT worker cell infiltrated Tokamak Network

Iran-Linked Hybrid Threats to Middle East Digital and Maritime Infrastructure

Escalation in the **Iran-US-Israel conflict** is disrupting regional digital and communications infrastructure through both direct threats and indirect operational impacts. Iran-linked activity has reportedly expanded from military retaliation rhetoric to threats against major U.S. technology companies' facilities in the Middle East, including sites associated with **Microsoft, Amazon, Google, Oracle, IBM, and Nvidia**, while earlier attacks were said to have caused outages at **AWS** datacenters in the UAE and Bahrain. In parallel, maritime traffic near the **Strait of Hormuz** has experienced anomalies consistent with **GNSS spoofing** and other electronic warfare techniques, with vessels reporting false positions and receiving radio warnings that could be used to shape shipping behavior without a formal blockade. The same regional instability is also affecting subsea connectivity projects. Meta's **2Africa** cable build has been delayed after **Alcatel Submarine Networks** declared force majeure and said it could no longer safely operate in the Persian Gulf, leaving the *Pearls* segment incomplete despite most cable having already been laid. Together, the reporting indicates a broader pattern in which conflict around Iran is creating cyber-physical risk across **cloud infrastructure, maritime navigation, and undersea communications**, increasing the likelihood of service disruption, delayed repairs, higher operating costs, and reduced confidence in critical regional infrastructure.

Created: Mar 13, 2026 | Updated: Apr 20, 2026
Latest Timeline Events
  • Apr 19, 2026: Reported U.S. interdiction expands to Gulf of Oman near Chabahar
  • Apr 18, 2026: Reported attack on SANMAR HERALD triggers renewed Hormuz reversals

Pentagon–Anthropic Dispute Over Military AI Use and Provider Baselines

The U.S. Department of Defense has escalated a dispute with **Anthropic** over the conditions under which its AI models could be used by the military, after Anthropic reportedly insisted on limits including *no mass surveillance of Americans* and *no fully autonomous weapons*. Reporting cited in both accounts indicates Pentagon officials have discussed potentially designating Anthropic a **“supply chain risk”**—a step that could bar the company from government work and pressure defense contractors to sever ties—while at least one senior official was quoted as saying the department would “make sure they pay a price” for non-cooperation. At the same time, the Pentagon is engaging **Anthropic, OpenAI, Google, and xAI** to align all major U.S. AI providers on a common “baseline” of expectations, after contracts were signed with limited specificity and the department now wants to deploy models into DoD environments to enable broader development of AI agents with minimal human oversight. The coverage also describes the policy vacuum driving the standoff: key rules for military AI use are being shaped through ad hoc negotiations between the Pentagon and private AI firms, prompting calls for **Congress** to set durable, democratically accountable constraints rather than leaving governance to bilateral bargaining.

Created: Feb 21, 2026 | Updated: Apr 20, 2026
Latest Timeline Events
  • Apr 19, 2026: Axios reports NSA actively using Anthropic Mythos despite blacklist
  • Apr 10, 2026: Courts let Anthropic blacklist stand but narrow parts of its application

Multiple Vulnerabilities Disclosed in OpenClaw

dCERT published advisories **2026-0836** and **2026-0866** covering **multiple vulnerabilities in OpenClaw**, indicating that the product is affected by more than one security flaw and that the issue set warranted repeated or updated notification. The advisories identify OpenClaw as the impacted technology but do not provide a public synopsis in the referenced notices. Organizations using **OpenClaw** should review both dCERT advisories to determine affected versions, vulnerability details, and available mitigations or patches. The paired notices suggest ongoing vulnerability handling around the product, making prompt validation of exposure, patch status, and any vendor remediation guidance a priority.

Created: Mar 25, 2026 | Updated: Apr 20, 2026
Latest Timeline Events
  • Apr 20, 2026: dCERT publishes OpenClaw security bypass advisory 2026-1155
  • Apr 17, 2026: dCERT publishes OpenClaw vulnerabilities advisory 2026-1139

European Push for Digital Sovereignty in Cloud Infrastructure

European governments and organizations are intensifying efforts to achieve digital sovereignty in cloud infrastructure, driven by geopolitical uncertainties and concerns over reliance on American hyperscalers such as Microsoft, Google, and Amazon Web Services. With U.S. policy shifts and potential transatlantic tensions, European leaders are prioritizing the development of domestic alternatives and strategies to ensure control over sensitive data and critical workloads. Despite these ambitions, local cloud providers currently hold only a small share of the market, and experts suggest that a new European hyperscaler is unlikely to emerge soon, with existing players like SAP and Deutsche Telekom each controlling only about 2% of the market. In response to these sovereignty concerns, cloud providers are expanding offerings tailored to regulatory and data residency requirements. Amazon Web Services, for example, has introduced Dedicated Local Zones to provide customers with greater control over data location, security, and compliance, supporting sensitive workloads for public sector and regulated industries. These initiatives reflect a broader trend of cloud service adaptation to meet the evolving needs of European customers seeking to balance operational flexibility with strict sovereignty and compliance mandates.

Created: Dec 12, 2025 | Updated: Apr 20, 2026
Latest Timeline Events
  • Apr 17, 2026: European Commission awards €180M sovereign cloud contract to four providers
  • Apr 16, 2026: Four European firms launch sovereign disaster recovery package

Scattered Spider Member Pleads Guilty in $8 Million SMS Phishing and Crypto Theft Scheme

Tyler Robert Buchanan, a 24-year-old British national from Dundee, Scotland, pleaded guilty in U.S. federal court in California to **conspiracy to commit wire fraud** and **aggravated identity theft** for his role in Scattered Spider’s large-scale social-engineering operation. Prosecutors said Buchanan and co-conspirators ran SMS phishing campaigns from September 2021 to April 2023 that impersonated corporate IT help desks and labor providers, used fake login pages and stolen credentials, and carried out SIM swapping to breach companies and individuals. The Justice Department said the scheme stole at least **$8 million in virtual currency** from U.S. victims across telecommunications, technology, cloud communications, outsourcing, gaming, and cryptocurrency sectors. Investigators tied Buchanan to the 2022 **0ktapus** campaign, which used fake Okta login pages to compromise more than 130 organizations, including **Twilio** and **Cloudflare**, and enabled downstream attacks affecting other major brands. Authorities said stolen credentials were funneled into a Telegram channel administered by Buchanan and an associate, and searches of his residence in Scotland uncovered victim company files, personal data, and roughly 20 devices. Buchanan was arrested in Palma de Mallorca by Spanish authorities, extradited to the United States, and has been in federal custody since April 2025; he now faces up to 22 years in prison, underscoring continued law-enforcement pressure on the loosely organized Scattered Spider group, an offshoot of **The Com**.

Created: Apr 18, 2026 | Updated: Apr 20, 2026
Latest Timeline Events
  • Apr 17, 2026: DOJ announces guilty plea and August sentencing date
  • Apr 17, 2026: Buchanan pleads guilty in U.S. federal court

Active Exploitation of Flowise CustomMCP RCE Exposes Thousands of Internet-Facing Instances

Threat actors are actively exploiting **CVE-2025-59528**, a **CVSS 10.0** remote code execution flaw in the open-source AI platform **Flowise**. The bug affects Flowise versions through **3.0.5** and stems from the `CustomMCP` node unsafely passing user-controlled input into JavaScript execution, allowing attackers with an API token to run arbitrary code with full **Node.js** runtime privileges. Researchers said the issue can be triggered remotely via a crafted HTTP `POST` request without user interaction, leading to operating system command execution, filesystem access, sensitive data theft, and full system compromise. Security researchers observed in-the-wild exploitation originating from a single **Starlink IP address**, while warning that roughly **12,000 to 15,000** internet-exposed Flowise instances sharply expand the attack surface for opportunistic attacks. Flowise disclosed the vulnerability in 2025, credited researcher **Kim SooHyun**, and patched the flaw in **version 3.0.6**. The incident marks the third Flowise vulnerability reported as exploited in the wild after **CVE-2025-8943** and **CVE-2025-26319**, increasing pressure on organizations to upgrade immediately and limit public exposure of Flowise APIs.

Created: Apr 7, 2026 | Updated: Apr 20, 2026
Latest Timeline Events
  • Apr 20, 2026: OX Security discloses broader MCP design flaw impacting Flowise and AI tools
  • Apr 8, 2026: VulnCheck flags two more Flowise flaws under active exploitation

Apache Airflow Flaws Enable Security Bypass and Multiple Additional Vulnerabilities

German authorities issued advisories for **Apache Airflow** covering a vulnerability that can bypass security measures and a separate notice for **multiple vulnerabilities** affecting the workflow orchestration platform. The alerts indicate that Airflow deployments may be exposed to weaknesses that undermine intended protections and introduce additional security risk across affected environments. Organizations using Apache Airflow should review the referenced advisories, identify affected versions, and prioritize vendor-recommended updates or mitigations. Because Airflow is commonly used to manage automated data pipelines and scheduled jobs, successful exploitation could weaken access controls or expose connected systems and workflows to further compromise.

Created: Mar 31, 2026 | Updated: Apr 20, 2026
Latest Timeline Events
  • Apr 20, 2026: dCERT publishes Apache Airflow and Keycloak Provider advisory 2026-1146
  • Apr 17, 2026: dCERT publishes Apache Airflow information disclosure advisory 2026-1137