{"id":21716,"date":"2026-03-30T14:24:44","date_gmt":"2026-03-30T12:24:44","guid":{"rendered":"https:\/\/kordon.app\/?p=21716"},"modified":"2026-03-30T15:46:37","modified_gmt":"2026-03-30T13:46:37","slug":"latest-interesting-cybersecurity-news-2026-03-30","status":"publish","type":"post","link":"https:\/\/kordon.app\/et\/latest-interesting-cybersecurity-news-2026-03-30\/","title":{"rendered":"Latest Interesting Cybersecurity News &#8211; 2026-03-30"},"content":{"rendered":"\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><strong>I go through about 25 cybersecurity news portals and blogs every week and pull out the most interesting stories. <\/strong>Then I turn them into this short, digestible summary, so you can stay up to date without trying to follow 25 different sources yourself. \ud83d\ude31<\/p>\n\n\n\n<p>My aim is to create a summary that gives you the gist without needing to open up the source article. But if you do want to dig deeper, all the sources covering the event are linked below each story.<\/p>\n\n\n\n<p><strong>If you enjoy these, come back next Monday<\/strong><\/p>\n\n\n\n<p><strong>scroll to the bottom to subscribe to the e-mail newsletter.<\/strong><\/p>\n<\/blockquote>\n\n\n\n<h2 class=\"wp-block-heading\">1. npm adds delayed-installs (minimumReleaseAge), tighter Git install controls, and bulk OIDC trusted publishing config<\/h2>\n\n\n\n<pre class=\"wp-block-verse\">Recent npm CLI 11.x releases add controls to <b>reduce supply-chain blast radius<\/b>, including <b>a new minimumReleaseAge setting that blocks installs of newly published package versions until they \u201cage\u201d past a threshold<\/b>. <span style=\"letter-spacing: 0.3px;\">By enforcing a minimum age threshold before a version can be installed, the feature <b>reduces exposure to malicious packages that rely on rapid, automated consumption before detection<\/b> or takedown.<\/span><\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Additionally, npm CLI 11.10.0 added <b>&#8211;allow-git controls for npm install<\/b> to address risk from Git dependencies, which can include a .npmrc that overrides the git executable path and (in some cases) enables toolchain-level execution even when &#8211;ignore-scripts is used.<\/li>\n<\/ul>\n\n\n\n<p><strong>Next Steps<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Set and standardize <b>minimumReleaseAge<\/b> in your npm CLI configuration&nbsp;<\/li>\n\n\n\n<li>For CI\/build environments, prefer <b>npm install &#8211;allow-git=none<\/b> unless Git dependencies are explicitly required<\/li>\n\n\n\n<li>If you maintain multiple packages, use <b>npm trust<\/b> to roll out or update OIDC trusted publishing configuration in bulk<\/li>\n<\/ul>\n\n\n\n<p><strong>Read more at <\/strong><a href=\"https:\/\/socket.dev\/blog\/npm-introduces-minimumreleaseage-and-bulk-oidc-configuration\">Socket<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">2. iOS exploit kits leak to Github \u2192 Apple pushes lock-screen warnings to unpatched iPhones\/iPads<\/h2>\n\n\n\n<pre class=\"wp-block-verse\"><b>Apple has begun sending Lock Screen notifications to devices on older iOS\/iPadOS versions warning urging users to install a \"critical update.\"&nbsp;<\/b><div><br><\/div><div><b>The urgency is amplified by the recent leak of two iOS exploit frameworks<\/b> \u2014 DarkSword and Coruna \u2014 <b>to GitHub<\/b>, putting what were previously tightly held, high-end iPhone exploit chains into the hands of any motivated attacker. Security firms report <b>threat actors are already operationalizing these frameworks<\/b> to deliver malware via malicious or compromised web content.<br><\/div><\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><b>Coruna targets iOS 13.0\u201317.2.1 (released December 2023)<\/b>, while <b>DarkSword targets iOS 18.4\u201318.7 (released March 2025).<\/b><\/li>\n\n\n\n<li>A DarkSword-related artifact referenced the domain <b>escofiringbijou[.]com<\/b>, described as a second-stage domain tied to TA446 infrastructure.<\/li>\n<\/ul>\n\n\n\n<p><strong>Next Steps<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><b>Update all iOS devices <\/b>to latest available versions<\/li>\n\n\n\n<li>If devices can\u2019t be upgraded, consider enabling <b>Apple Lockdown Mode (iOS 16+)<\/b><\/li>\n<\/ul>\n\n\n\n<p><strong>Read more at <\/strong><a href=\"https:\/\/thehackernews.com\/2026\/03\/apple-sends-lock-screen-alerts-to.html\">The Hacker News<\/a>, <a href=\"https:\/\/securityaffairs.com\/190109\/security\/apple-issues-urgent-lock-screen-warnings-for-unpatched-iphones-and-ipads.html\">Security Affairs<\/a>, <a href=\"https:\/\/cyberscoop.com\/darksword-iphone-spyware-leak-ios-18-exploit-threat\/\">CyberScoop<\/a>, <a href=\"https:\/\/thehackernews.com\/2026\/03\/ta446-deploys-leaked-darksword-ios.html\">The Hacker News<\/a>, <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/coruna-ios-exploit-framework-linked-to-triangulation-attacks\/\">BleepingComputer<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">3. Third-party risk cascaded into fourth and fifth: and it started with one misconfiguration<\/h2>\n\n\n\n<pre class=\"wp-block-verse\"><b>Aqua Security<\/b> had a misconfigured <i>pull_request_target<\/i> workflow in <b>Trivy's<\/b> GitHub repo \u2192 <b>hackerbot-claw<\/b> (an autonomous AI-powered bot) opened a PR and stole Aqua's bot PAT \u2192 <b>Aqua<\/b> rotated credentials but missed some \u2192 <b>TeamPCP<\/b> used the surviving credentials three weeks later to push malicious Trivy releases and <b>force-move 75 of 76 <i>trivy-action<\/i> GitHub Action tags<\/b> \u2192 every downstream project using <b>Trivy<\/b> in CI\/CD unknowingly ran the malicious code with <i>their own credentials<\/i> \u2192 <b>TeamPCP<\/b> used those stolen tokens to publish compromised versions of <b>litellm<\/b> (a popular Python LLM proxy library) on <b>PyPI<\/b> \u2192 developers and Kubernetes clusters running litellm got <b>credential-stealing malware with persistence<\/b>.<br><i>FUN FACT:<\/i> Trivy used Delve for their compliance. The alleged \"fake certification\" factory covered last week.<\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><b>Compromised versions: 1.82.8 and 1.82.7<\/b><\/li>\n\n\n\n<li>The litellm payload used a&nbsp;<b>.pth file that auto-executes on every Python interpreter startup<\/b>&nbsp;\u2014 meaning even projects that had litellm as an&nbsp;<i>indirect<\/i>&nbsp;dependency got hit. On Kubernetes, it attempted&nbsp;<b>cluster-wide secret access<\/b>&nbsp;and deployed&nbsp;<b>privileged pods<\/b>&nbsp;for persistence.<\/li>\n<\/ul>\n\n\n\n<p><strong>Next Steps<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Identify exposure by checking for <b>litellm 1.82.7\/1.82.8<\/b><\/li>\n\n\n\n<li>Only allow <strong>pinnning GitHub Actions by commit SHA, not tags.<\/strong>&nbsp;Tags are mutable \u2014 this single change would have prevented the downstream cascade.<\/li>\n\n\n\n<li><b>Audit all <i>pull_request_target<\/i> workflows.<\/b> If any of them also check out PR head code, they run attacker-controlled code with your repo&#8217;s secrets. Switch to the regular <i>pull_request<\/i> trigger or never check out the PR&#8217;s code.<\/li>\n\n\n\n<li><b>Save this story for your next regular information security training <\/b>as a vivid example.<\/li>\n<\/ul>\n\n\n\n<p><strong>Read more at <\/strong><a href=\"https:\/\/futuresearch.ai\/blog\/litellm-pypi-supply-chain-attack\/\">FutureSearch<\/a>, <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2026\/03\/24\/detecting-investigating-defending-against-trivy-supply-chain-compromise\/\">Microsoft Security Blog<\/a>, <a href=\"https:\/\/www.wiz.io\/blog\/trivy-compromised-teampcp-supply-chain-attack\">Wiz<\/a>, <a href=\"https:\/\/www.securityweek.com\/from-trivy-to-broad-oss-compromise-teampcp-hits-docker-hub-vs-code-pypi\/\">SecurityWeek<\/a>, <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/popular-litellm-pypi-package-compromised-in-teampcp-supply-chain-attack\/\">BleepingComputer<\/a>, <a href=\"https:\/\/thehackernews.com\/2026\/03\/trivy-hack-spreads-infostealer-via.html\">The Hacker News<\/a>, <a href=\"https:\/\/socket.dev\/blog\/teampcp-targeting-security-tools-across-oss-ecosystem?utm_medium=feed\">Socket<\/a>, <a href=\"https:\/\/socket.dev\/blog\/trivy-docker-images-compromised?utm_medium=feed\">Socket<\/a>, <a href=\"https:\/\/krebsonsecurity.com\/2026\/03\/canisterworm-springs-wiper-attack-targeting-iran\/\">Krebs on Security<\/a>, <a href=\"https:\/\/www.csoonline.com\/article\/4149938\/trivy-supply-chain-breach-compromises-over-1000-saas-environments-lapsus-joins-the-extortion-wave.html\">CSO Online<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">4. GitHub Copilot Free\/Pro users\u2019 prompts and code context will be used for model training by default starting April 24<\/h2>\n\n\n\n<pre class=\"wp-block-verse\">Starting April 24, GitHub will <b>use Copilot Free, Pro, and Pro+ interaction data (inputs\/outputs, code snippets, and surrounding context) to train and improve its AI models by default<\/b>, with an opt-out available in Copilot Privacy settings. <b>Copilot Business and Copilot Enterprise users are not affected by this change, and prior opt-out preferences will remain in effect.<\/b><\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>GitHub clarifies it does not use <b>issues, discussions, or private repositories \u201cat rest\u201d<\/b>, but Copilot processes private repo code during active use and that interaction data could be used for training unless opted out.<\/li>\n<\/ul>\n\n\n\n<p><strong>Next Steps<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Visit to modify your opt-in settings:<b>&nbsp;https:\/\/github.com\/settings\/copilot under \u201cPrivacy\u201d<\/b> before April 24.<\/li>\n<\/ul>\n\n\n\n<p><strong>Read more at <\/strong><a href=\"https:\/\/github.blog\/news-insights\/company-news\/updates-to-github-copilot-interaction-data-usage-policy\/\">GitHub Blog<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">5. Kali Linux 2026.1 ships 8 new security tools and adds a Undercover mode<\/h2>\n\n\n\n<pre class=\"wp-block-verse\">Kali Linux released 2026.1 with <b>eight new offensive\/security testing tools plus a new \u201cBackTrack mode\u201d for Kali-Undercover<\/b>, alongside a yearly theme refresh. The release also updates core components (including the kernel) and tweaks NetHunter, expanding both the tooling and UX options for Kali users.<\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>New tools added include <b>AdaptixC2, Atomic-Operator, Fluxion, GEF, MetasploitMCP, SSTImap, WPProbe, and XSStrike<\/b>.<\/li>\n\n\n\n<li><b>MetasploitMCP is notable as an MCP server for Metasploit<\/b> \u2014 it lets LLM-based tools drive exploit execution, payload generation, and session management via natural language, signaling that AI-assisted pentesting is now mainstream enough for Kali&#8217;s official repos.<\/li>\n\n\n\n<li>Kali-Undercover\u2019s new option provides <b>a one-click switch to a BackTrack 5-like desktop theme<\/b><\/li>\n<\/ul>\n\n\n\n<p><strong>Read more at <\/strong><a href=\"https:\/\/www.bleepingcomputer.com\/news\/linux\/kali-linux-20261-released-with-8-new-tools-new-backtrack-mode\/\">BleepingComputer<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">6. Smart Slider 3 flaw exposes server files on 800K+ WordPress sites to any logged-in user<\/h2>\n\n\n\n<pre class=\"wp-block-verse\">A flaw in the <b>Smart Slider 3<\/b> WordPress plugin, <b>used on 800,000+ sites <\/b>to build animated sliders and hero sections, allows <b>any authenticated user (including subscribers) to read arbitrary files on the server<\/b> via abused export functionality. Attackers could potentially retrieve sensitive configuration data (e.g., WordPress database credentials and cryptographic keys) and use it to pivot into deeper compromise.<\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Tracked as <b>CVE-2026-3098<\/b>, affecting Smart Slider 3 versions through <b>3.5.1.33<\/b>.<\/li>\n\n\n\n<li>Patch released in <b>Smart Slider 3 v3.5.1.34<\/b>; WordPress.org download stats indicating <b>at least ~500,000 sites may still be on vulnerable versions<\/b>.<\/li>\n\n\n\n<li>Root cause: <b>missing capability checks in AJAX export actions<\/b>, enabling low-privilege authenticated users to invoke export features they shouldn\u2019t have access to.<\/li>\n\n\n\n<li>Defiant\/Wordfence researchers say the export function <b>lacks file type and source validation<\/b>, allowing non-media files (including <b>.php<\/b>) to be added to an export archive and read.<\/li>\n<\/ul>\n\n\n\n<p><strong>Next Steps<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Update Smart Slider 3 to <b>version 3.5.1.34 or later<\/b>.<\/li>\n<\/ul>\n\n\n\n<p><strong>Read more at <\/strong><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/file-read-flaw-in-smart-slider-plugin-impacts-500k-wordpress-sites\/\">BleepingComputer<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">7. Langflow&#8217;s unsandboxed code execution flaw exploited within ~20 hours<\/h2>\n\n\n\n<pre class=\"wp-block-verse\">Attackers are gaining unauthenticated remote code execution on Langflow, an open-source visual builder for LLM agent pipelines \u2014 think n8n, but narrowly focused on chaining language models, vector stores, and AI tools into workflows.&nbsp;<br><b>The root cause: <\/b>Langflow's public API accepts arbitrary flow definitions and&nbsp;runs embedded Python via&nbsp;<code>exec()<\/code>&nbsp;with no authentication or sandboxing. n8n hit the same class of problem last year and responded by disabling arbitrary command execution by default in v2.0; Langflow hadn't caught up.&nbsp;<br>These tools often hold LLM API keys, cloud credentials, and database secrets \u2014 and with arbitrary code execution on the host,&nbsp;attackers can read .env files, dump databases, and exfiltrate every stored credential in a single pass<\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The issue affects <b>Langflow versions 1.8.1 and earlier<\/b>; Langflow says upgrading to version 1.9.0 mitigates the vulnerability.<\/li>\n\n\n\n<li>The vulnerable behavior involves an unauthenticated API that can accept attacker-provided flow definitions; the flow content can include <b>arbitrary Python that is executed via exec() with no sandboxing<\/b> (per the GitHub advisory).<\/li>\n\n\n\n<li>Sysdig reported exploitation began <b>about 20 hours after public disclosure<\/b>, even though no public proof-of-concept exploit was available at the time<\/li>\n\n\n\n<li>Observed activity included <b>automated scanning, Python-scripted exploitation, and harvesting of .env\/.db data<\/b>, with Sysdig citing a spike to 1,000+ attempts and payloads ranging from info stealers and reverse shells to cryptominers.<\/li>\n<\/ul>\n\n\n\n<p><strong>Next Steps<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><b>Upgrade Langflow to 1.9.0 or later<\/b><\/li>\n\n\n\n<li><b>Restrict\/disable the vulnerable public-flow build endpoint<\/b> and avoid exposing Langflow directly to the internet where possible.<\/li>\n\n\n\n<li><b>Inventory workflow and automation tools<\/b> (n8n, Langflow, Flowise, Dify, etc.) in your environment \u2014 including developer experiments \u2014 and hold them to the same patching and access control standards as any other internet-facing service.<\/li>\n\n\n\n<li>If you suspect exposure, <b>rotate Langflow-adjacent secrets<\/b> (API keys for LLM providers, cloud credentials, database credentials) that may be stored on or accessible from the Langflow host.<\/li>\n<\/ul>\n\n\n\n<p><strong>Read more at <\/strong><a href=\"https:\/\/www.csoonline.com\/article\/4151203\/attackers-exploit-critical-langflow-rce-within-hours-as-cisa-sounds-alarm.html\">CSO Online<\/a>, <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-new-langflow-flaw-actively-exploited-to-hijack-ai-workflows\/\">BleepingComputer<\/a>, <a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/critical-flaw-langflow-ai-platform-under-attack\">Dark Reading<\/a>, <a href=\"https:\/\/securityaffairs.com\/190018\/security\/u-s-cisa-adds-a-langflow-flaw-to-its-known-exploited-vulnerabilities-catalog.html\">Security Affairs<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">8. FCC blocks new imports of non\u2011U.S.-made consumer routers, citing \u201cunacceptable\u201d national security risk<\/h2>\n\n\n\n<pre class=\"wp-block-verse\">The FCC updated its supply-chain \u201cCovered List\u201d to <b>bar import\/marketing authorization for new consumer router models manufactured outside the U.S.<\/b> unless the vendor receives a government exemption. <b>The FCC says foreign-made routers create supply-chain exposure and are frequently compromised and repurposed for espionage<\/b>, password-spraying, and botnet activity\u2014including being used as footholds in recent China-linked intrusions.<div>Critics have many thoughts.<\/div><\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>TP-Link noted that <b>virtually all routers are manufactured outside the U.S.<\/b>, including products from American companies \u2014 <b>the only known U.S.-made exception being newer Starlink<\/b> routers built in Texas.<\/li>\n\n\n\n<li>The <b>exemption mechanism has drawn comparisons to tariff carve-outs<\/b>, with critics warning it gives the government broad discretionary power over which foreign manufacturers can access the U.S. market, and that <b>the timing alongside broader trade actions makes it difficult to separate security motives from trade leverage.<\/b><\/li>\n\n\n\n<li>The same FCC chairman Carr who issued the ban <b>voted in November 2025 to scrap enforceable cybersecurity rules<\/b> that required telecom operators to secure their networks after Salt Typhoon \u2014 the very campaign now cited to justify the router restrictions.\n<\/li>\n\n\n\n<li>For comparison, the <b>EU&#8217;s Cyber Resilience Act takes the opposite approach<\/b>: requiring all products to meet security baselines regardless of where they&#8217;re made, rather than restricting by country of origin.<\/li>\n<\/ul>\n\n\n\n<p><strong>Read more at <\/strong><a href=\"https:\/\/thehackernews.com\/2026\/03\/fcc-bans-new-foreign-made-routers-over.html\">The Hacker News<\/a>, <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/fcc-bans-new-routers-made-outside-the-usa-over-security-risks\/\">BleepingComputer<\/a>, <a href=\"https:\/\/therecord.media\/fcc-routers-banned-security-china\">The Record<\/a>, <a href=\"https:\/\/www.securityweek.com\/fcc-bans-new-foreign-made-consumer-routers-over-national-security-risks\/\">SecurityWeek<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Subscribe<\/h2>\n\n\n\n<p>Subscribe to receive this weekly cybersecurity news summary to your inbox every Monday.<\/p>\n\n\n                <div class=\"ml-embedded\" data-form=\"pKq7EM\"><\/div>\n            ","protected":false},"excerpt":{"rendered":"<p>Latest interesting cybersecurity news from March 2026<\/p>","protected":false},"author":1,"featured_media":21719,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[32],"tags":[],"class_list":["post-21716","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/posts\/21716","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/comments?post=21716"}],"version-history":[{"count":7,"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/posts\/21716\/revisions"}],"predecessor-version":[{"id":21725,"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/posts\/21716\/revisions\/21725"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/media\/21719"}],"wp:attachment":[{"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/media?parent=21716"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/categories?post=21716"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/tags?post=21716"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}