Episode 13 — 01 Apr 2026
1. Cisco source code stolen in Trivy-linked dev environment breach
Source: Bleeping Computer
Cisco has suffered a cyberattack after threat actors used stolen credentials from the recent Trivy supply chain attack to breach its internal development environment and steal source code belonging to the company and its customers. A source, who asked to remain anonymous,...
2. Claude Code source code accidentally leaked in NPM package
Source: Bleeping Computer
Anthropic says it accidentally leaked the source code for Claude Code, which is closed source, but the company says no customer data or credentials were exposed. While Anthropic pledges support to the open-source community, Claude Code has always remained closed source, at...
3. Claude AI finds Vim, Emacs RCE bugs that trigger on file open
Source: Bleeping Computer
Vulnerabilities in the Vim and GNU Emacs text editors, discovered using simple prompts with the Claude assistant, allow remote code execution simply by opening a file. The assistant also created multiple versions of proof-of-concept (PoC) exploits, refined them, and provided...
4. GIGABYTE Control Center vulnerable to arbitrary file write flaw
Source: Bleeping Computer
The GIGABYTE Control Center is vulnerable to an arbitrary file-write flaw that could allow a remote, unauthenticated attacker to access files on vulnerable hosts. The hardware maker says that successful exploitation could potentially lead to code execution on the underlying...
5. Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains
Source: The Hacker News
Chinese-speaking users are the target of an active campaign that uses typosquatted domains impersonating trusted software brands to deliver a previously undocumented remote access trojan named AtlasCross RAT. "The operation covers VPN clients, encrypted messengers, video...
6. TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks
Source: The Hacker News
A high-severity security flaw in the TrueConf client video conferencing software has been exploited in the wild as a zero-day as part of a campaign targeting government entities in Southeast Asia dubbed TrueChaos. The vulnerability in question is CVE-2026-3502 (CVSS score:...
7. Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069
Source: The Hacker News
Google has formally attributed the supply chain compromise of the popular Axios npm package to a financially motivated North Korean threat activity cluster tracked as UNC1069. "We have attributed the attack to a suspected North Korean threat actor we track as UNC1069," John...
8. Vertex AI Vulnerability Exposes Google Cloud Data and Private Artifacts
Source: The Hacker News
Cybersecurity researchers have disclosed a security "blind spot" in Google Cloud's Vertex AI platform that could allow artificial intelligence (AI) agents to be weaponized by an attacker to gain unauthorized access to sensitive data and compromise an organization's cloud...
