Vulnerabilities & Exploits

04

Apr

TeamPCP Supply Chain Attack Compromises 1,000+ SaaS Tenants

Collection BriefCloud SecurityISC.SANS.EDU TeamPCP Supply Chain Attack Compromises 1,000+ SaaS Tenants Why it mattersSupply chain threats amplify

04 Apr 2026

2 min read

03

Apr

Apple Issues iOS 18.7.7 Patch to Block DarkSword Kernel Exploit

7SecureCollection BriefVulnerabilitiesMALWAREBYTES.COM Apple Issues iOS 18.7.7 Patch to Block DarkSword Kernel Exploit Why it mattersMobile devices remain

03 Apr 2026

1 min read

03

Apr

Stardust Chollima Tied to Recent Axios npm Supply‑Chain Compromise

7SecureCollection BriefVulnerabilitiesCROWDSTRIKE.COM Stardust Chollima Tied to Recent Axios npm Supply‑Chain Compromise Why it mattersThe attribution to a known

03 Apr 2026

1 min read

03

Apr

Axios npm Package Compromise Leads to Credential Theft Across Thousands of Projects

7SecureCollection BriefData BreachesUNIT42.PALOALTONETWORKS.COM Axios npm Package Compromise Leads to Credential Theft Across Thousands of Projects Why it mattersEnterprises

03 Apr 2026

2 min read

03

Apr

Operation TrueChaos Exploits Zero‑Day in Video‑Conferencing Client to Target SE Asian Governments

7SecureCollection BriefVulnerabilitiesRESEARCH.CHECKPOINT.COM Operation TrueChaos Exploits Zero‑Day in Video‑Conferencing Client to Target SE Asian Governments Why it

03 Apr 2026

2 min read

03

Apr

Axios NPM Library Hijacked: Supply‑Chain Attack Exfiltrates Secrets

7SecureCollection BriefData BreachesGITHUB.COM Axios NPM Library Hijacked: Supply‑Chain Attack Exfiltrates Secrets Why it mattersA cleaner long-form article view

03 Apr 2026

2 min read

03

Apr

Massive Next.js Flaw Fuels Credential Harvesting Across 766 Sites

7SecureCollection BriefData BreachesTHEHACKERNEWS.COM Massive Next.js Flaw Fuels Credential Harvesting Across 766 Sites Why it mattersA cleaner long-form article

03 Apr 2026

2 min read

03

Apr

Apple Deploys DarkSword Patch Bundle in iOS 18.7.7, Closes Critical RCE Bugs

7SecureCollection BriefVulnerabilitiesMALWAREBYTES.COM Apple Deploys DarkSword Patch Bundle in iOS 18.7.7, Closes Critical RCE Bugs Why it mattersA

03 Apr 2026

2 min read

02

Apr

Student Loan Portal Hack Exposes 2.5M Records via Web App Flaw

7SecureCollection BriefData BreachesTHREATPOST.COM Student Loan Portal Hack Exposes 2.5M Records via Web App Flaw Why it mattersA cleaner

02 Apr 2026

2 min read

02

Apr

Supply‑Chain Attack via Tampered LiteLLM Compromises Mercor Recruitment Data

7SecureCollection BriefData BreachesGO.THEREGISTER.COM Supply‑Chain Attack via Tampered LiteLLM Compromises Mercor Recruitment Data Why it mattersA cleaner long-form

02 Apr 2026

2 min read

TeamPCP Supply Chain Attack Compromises 1,000+ SaaS Tenants

Apple Issues iOS 18.7.7 Patch to Block DarkSword Kernel Exploit

Stardust Chollima Tied to Recent Axios npm Supply‑Chain Compromise

Axios npm Package Compromise Leads to Credential Theft Across Thousands of Projects

Operation TrueChaos Exploits Zero‑Day in Video‑Conferencing Client to Target SE Asian Governments

Axios NPM Library Hijacked: Supply‑Chain Attack Exfiltrates Secrets

Massive Next.js Flaw Fuels Credential Harvesting Across 766 Sites

Apple Deploys DarkSword Patch Bundle in iOS 18.7.7, Closes Critical RCE Bugs

Student Loan Portal Hack Exposes 2.5M Records via Web App Flaw

Supply‑Chain Attack via Tampered LiteLLM Compromises Mercor Recruitment Data

Apple Issues iOS 18.7.7 Patch to Block DarkSword Kernel Exploit

Stardust Chollima Tied to Recent Axios npm Supply‑Chain Compromise

Apple Deploys DarkSword Patch Bundle in iOS 18.7.7, Closes Critical RCE Bugs