Citrix NetScaler ADC / Gateway's CVSS 9.3 out-of-bounds read in SAML IdP configurations is already being scanned by attackers looking for authentication-flow enumeration opportunities.
F5 BIG-IP APM vulnerability CVE-2025-53521, a CVSS 9.8 unauthenticated RCE, was added to CISA's KEV catalog. It had originally been classified as DoS, but was reclassified after a China-linked APT that compromised F5's network stole source code and vulnerability details. Federal agencies must respond by March 30, 2026.
On March 27, 2026, telnyx Python SDK v4.87.1/4.87.2 was contaminated with PyPI. TeamPCP collects authentication information for OpenAI, Anthropic, AWS, and GCP by hiding payloads in WAV files. 742K downloads per month.
Three independent vulnerabilities were disclosed in LangChain Core and LangGraph: deserialization that can leak secrets, SQL injection that exposes conversation history, and path traversal that allows arbitrary file reads.
After supply-chain attacks against tj-actions and Trivy, GitHub published a plan to reduce the attack surface of CI/CD pipelines through dependency locking, scoped secrets, and Layer 7 egress firewalls.
A six-phase attack chain showing how the China-linked GTG-1002 group used Claude Code through MCP for autonomous espionage, plus GitHub Copilot's policy change to start using user code for AI training on April 24.
LiteLLM 1.82.7 and 1.82.8 were poisoned on PyPI for about 46 minutes. TeamPCP stole a PyPI token through Trivy's CI/CD and injected malware that collects more than 50 credential types, including SSH keys, AWS, Kubernetes, and Docker secrets.
Composio publishes security analysis of OpenClaw. Approximately 7.1% of SkillHub-distributed skills were found to have critical vulnerabilities, leaving over 30,000 instances exposed to the internet in the early stages at risk of prompt injection and credential theft.
A CVSS 10.0 authentication bypass vulnerability CVE-2025-32975 was discovered in Quest KACE SMA, and active attack activity was confirmed starting the week of March 9, 2026. The patch was released in May 2025, but systems that have not been patched are being targeted for attacks.
Five vulnerabilities confirmed exploited by MuddyWater and DarkSword were added to the KEV catalog. Craft CMS is a CVSS 10.0 zero-day that has seen active exploitation since February, and Laravel Livewire is being used by MuddyWater against Middle East infrastructure.
A Magento product-option API bug allows unauthenticated uploads of polyglot files that execute PHP code. In nginx 2.0.0-2.2.x environments it becomes full RCE; in other setups it can lead to XSS and account takeover.
All four methods to avoid Azure Entra ID sign-in logs by exploiting SQL column overflow in RoPC flow have been disclosed. GraphGoblin issues access tokens valid with CVSS v4.0=8.7.
