1. North Korean Hackers Flood Developer Ecosystems with 1,700 Malicious Packages North Korea-linked threat actors operating under the “Contagious Interview” campaign have distributed over 1,700 malicious packages across npm, PyPI, Go, Rust, and Packagist, the most expansive software supply chain poisoning operation attributed to the group to date. The packages impersonate legitimate developer tooling and […]
Cyber Security Weekly Top 5 – Week of March 29 – April 5, 2026
1. Drift Protocol Suffers $285 Million Heist in Sophisticated Smart Contract AttackSolana-based decentralized exchange Drift confirmed that attackers drained approximately $285 million from the platform on April 1, 2026, through a novel attack exploiting durable nonces that gave malicious actors multi-week preparation time and staged execution. The breach resulted in attackers gaining control of Drift’s […]
Cyber Security Weekly: Top 5 Cybersecurity News for the Week of March 23–29, 2026
1: INTERPOL Takes Down 45,000+ Malicious IPs in Global Sweep Summary: An INTERPOL-coordinated operation spanning 72 countries dismantled 45,000+ malicious IPs and servers linked to phishing, malware, and ransomware ecosystems. The operation resulted in 94 arrests and represents one of the largest coordinated cybercrime takedowns of the year. Source: Cybernews | https://cybernews.com/security/ 2: PyPI Supply […]
Top 5 Cyber Security stories from last week (week of March 9–15, 2026)
1. 🔴 Google Chrome Zero-Days Patched Under Active Exploitation Google released emergency security updates to fix two high-severity Chrome vulnerabilities — CVE-2026-3909 (an out-of-bounds write in the Skia graphics library) and CVE-2026-3910 (an inappropriate implementation in the V8 JavaScript engine). Both were discovered by Google itself on March 10, 2026, and are being actively exploited […]
Cyber Security Weekly: Top stories from Last Week (March 1– March 7, 2026)
Closest call / honorable mention: LexisNexis confirmed a breach after a threat actor leaked data allegedly taken from a limited number of servers containing mostly legacy data from before 2020. It did not make my top five only because the company said the matter was contained and there was no evidence of impact to products […]
Cyber Security Weekly: Top stories from Last Week (Feb 22–Feb 28, 2026)
Cisco Catalyst SD-WAN auth bypass — CVE-2026-20127 (actively exploited, CVSS 10)Why it’s top: Internet-exposed SD-WAN control-plane components are high-impact; exploitation has been publicly reported, and agencies have issued urgent guidance. Ivanti Endpoint Manager Mobile (EPMM) — CVE-2026-1281 / CVE-2026-1340 (widespread automated exploitation attempts)Fix-first: Patch/mitigate any internet-facing EPMM immediately; treat as mass-scanned. BeyondTrust Remote Support / […]