Week in review: Axios npm supply chain compromise, critical FortiClient EMS bugs exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
Financial groups lay out a plan to fight AI identity attacks
Generative AI tools have brought the cost of deepfake production low enough that criminals and state-sponsored actors now use them routinely against financial institutions. A joint paper from the American Bankers Association, the Better Identity Coalition, and the Financial Services Sector Coordinating Council lays out the scale of the problem and calls on federal and state policymakers to act across various areas.
Mimecast makes enterprise email security deployable in minutes
Ranjan Singh, Chief Product and Technology Officer at Mimecast, outlines how the company’s API-based approach delivers protection on par with a traditional Secure Email Gateway without requiring infrastructure changes, and why that matters for stretched security teams trying to close detection gaps on BEC and credential phishing.
Trust, friction, and ROI: A CISO’s take on making security work for the business
In this Help Net Security interview, John O’Rourke, CISO at PPG, talks about what it means for security to drive business value. He explains how mature security programs reduce friction in sales cycles and M&A processes, and how trust is built over time.
Axios npm packages backdoored in supply chain attack
An unknown attacker has compromised the GitHub and npm accounts of the main developer of Axios, a widely used HTTP client library, and published npm packages backdoored with a malicious dependency that triggered the installation of droppers and remote access trojans.
Software supply chain hacks trigger wave of intrusions, data theft
After linking the Axios npm supply chain attack to North Korean hackers, Google researchers warned that “hundreds of thousands of stolen secrets could potentially be circulating” as a result of this and the Trivy, KICS, LiteLLM, and Telnyx supply chain attacks (linked to TeamPCP).
Trivy supply chain attack enabled European Commission cloud breach
CERT-EU confirmed that ShinyHunters are behind the recent breach of the cloud infrastructure underpinning websites of the European Commission, and that they stole and subsequently leaked approximately 340 GB of data.
FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616)
Attackers have been observed exploiting two vulnerabilities (one a zero-day) in Fortinet FortiClient Endpoint Management Server (EMS) this week: a previously fixed SQL injection vulnerability (CVE-2026-21643) and a newly unearthed API authentication and authorization bypass exploited as a zero-day (CVE-2026-35616).
Cisco IMC auth bypass vulnerability allows attackers to alter user passwords (CVE-2026-20093)
Cisco has fixed ten vulnerabilities affecting its Integrated Management Controller (IMC), the most critical of which (CVE-2026-20093) could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin.
EvilTokens ramps up device code phishing targeting Microsoft 365 users
Security researchers report a notable increase in device code phishing activity aimed at Microsoft 365 users, and have attributed this rise to the availability of EvilTokens, a new, specialized phishing toolkit that’s being offered as-a-service via Telegram.
Google fixes Chrome zero-day with in-the-wild exploit (CVE-2026-5281)
Google has fixed 21 vulnerabilities affecting its popular Chrome browser, among them a zero-day (CVE-2026-5281) with an in-the-wild exploit. As per usual, information about the fixed zero-day is limited, and there’s no details about the exploit (or how/if it’s being used by attackers).
Claude Code source leak exploited to spread malware
A source code leak involving Anthropic’s Claude Code tool quickly escalated into a cybersecurity threat, as attackers seized on the exposed files to lure developers into downloading malware disguised as “unlocked” versions of the software.
Why risk alone doesn’t get you to yes
The hardest mission that most security leaders will face is not identifying a threat, but getting someone to act on it. We’re trained to see exposure before they are identified by others. We continually assess likely threats, evaluate impact, and design controls to prevent disruption long before it reaches operations or shareholders. That’s the job.
Why I’m done calling humans the weakest link
Cybersecurity has long suffered from a people problem, but not in the way we often hear about. As industry that is based on enabling communication across the globe via the internet and many types of devices, many of us practitioners are very bad at communicating to people.
The art of making technical risk make sense to executives
In this Help Net Security video, Jay Miller, CISO at Paessler, explains how security leaders can communicate technical risk to executives and board members in terms they understand.
Your customer passed authentication. So why are they sending money to a scammer?
In this Help Net Security video, Lenny Gusel, Head of Fraud Solutions in North America at Feedzai, explains how customer identity and access management has converged with digital fraud detection, and why treating them as separate systems creates real risk.
Don’t count on government guidance after a smart home breach
People are filling their homes with internet-connected cameras, speakers, locks, and routers. When one of those devices is compromised, the next steps are often unclear. Researchers reviewing government cybersecurity advice in 11 countries found that most guidance focuses on prevention, leaving households with limited support after a breach.
Rspamd 4.0.0 ships memory savings, a new scan protocol, and a required migration step
The open-source spam filtering platform Rspamd released version 4.0.0, delivering infrastructure changes across its scan protocol, memory model, hash storage, and configuration system. Several of the changes are breaking, and at least one requires a migration step before upgrade.
Apple counters ClickFix attacks with macOS Terminal warning
Apple has added a new security feature in macOS Tahoe 26.4 that warns users before they enter commands in Terminal that could cause harm. The goal is to stop ClickFix attacks, a social engineering trick that gets users to run malicious commands themselves.
Hacker stripped more than $50 million from Uranium crypto exchange, spent it on trading cards
US prosecutors have charged a Maryland man in connection with two hacks of the Uranium Finance cryptocurrency exchange that led to losses exceeding $50 million.
Amazon sends AI agents into pen testing and DevOps
Amazon’s latest AI capabilities bring on-demand penetration testing through the AWS Security Agent, alongside the AWS DevOps Agent. AWS Security Agent enables on-demand penetration testing for applications, addressing gaps created by periodic testing limited by time and cost.
Crypto industry may be running out of time to prepare for quantum attacks
Google’s latest research suggests the cryptocurrency industry may have less time than expected to prepare for quantum computing.
Cybercriminals take aim at Hasbro, weeks of recovery ahead
Hasbro, an American toy maker with more than 5,000 employees, confirmed a cyberattack and proactively took certain systems offline. The intrusion was detected on March 28, and the company promptly activated its incident response protocols.
TrueConf zero-day vulnerability exploited to target government networks
Suspected China-nexus attackers have leveraged a zero-day vulnerability (CVE-2026-3502) in the TrueConf client application to distribute malware within government networks in Southeast Asia, Check Point researchers discovered.
DarkSword exploit forces Apple to loosen its patching policy
Apple has extended security updates to a wider range of devices still running iOS 18, aiming to protect users from the DarkSword exploit kit.
Microsoft releases open-source toolkit to govern autonomous AI agents
AI agents can book travel, execute financial transactions, write and run code, and manage infrastructure without human intervention at each step. Frameworks like LangChain, AutoGen, CrewAI, and Azure AI Foundry Agent Service have made this kind of autonomy straightforward to deploy. The governance infrastructure to match that autonomy has lagged behind. Microsoft released the Agent Governance Toolkit to address that gap.
Breaking out: Can AI agents escape their sandboxes?
Container sandboxes are part of routine AI agent testing and deployment. Agents use them to run code, edit files, and interact with system resources without direct access to the host. The SandboxEscapeBench benchmark, developed by researchers at the University of Oxford and the AI Security Institute, evaluates whether an agent with shell access can escape a container and reach the host system.
ShipSec Studio brings open-source workflow orchestration to security operations
Security teams have long relied on a mix of shell scripts, cron jobs, and loosely connected tools to chain reconnaissance and vulnerability scanning work together. ShipSec Studio, an open-source security workflow automation platform from ShipSec AI, aims to replace that arrangement with a dedicated orchestration layer built specifically for security operations.
SystemRescue 13 updates its kernel to Linux 6.18 LTS, adds new recovery tools
Bootable Linux recovery environments occupy a specific niche in the systems administration and incident response toolkit. SystemRescue, an Arch-based live distribution built for repairing unbootable systems and recovering data from damaged drives, has shipped version 13.00 with a new long-term supported kernel, updated storage tools, and several additions to its command-line toolset.
Android 17 tweaks location privacy with one-time access
Google introduced a suite of location privacy features in Android 17 Beta 3 to give users more control and provide developers with tools for data minimization and product safety.
Hottest cybersecurity open-source tools of the month: March 2026
Presented here is a curated selection of noteworthy open-source cybersecurity solutions that have drawn recognition for their ability to enhance security postures across diverse settings.
Intel puts its data center performance knowledge on GitHub
Intel engineers have published a centralized repository of data center performance knowledge on GitHub, giving practitioners direct access to tuning guides, configuration recommendations, and optimization recipes that previously required hunting across forums and scattered documentation.
Android developers just got a new verification layer
To help prevent malicious actors from spreading harmful apps while hiding behind anonymity, Google is rolling out developer verification to all Android developers. The company is also introducing app registration, which links apps to verified developer identities.
Google Drive now detects ransomware and helps restore affected files
To help organizations minimize the impact of malware attacks on personal computers, Google launched ransomware detection and file restoration in beta in September 2025. These features are now generally available.
Windows 11 gets a rebuilt console engine with regex search, Sixel images and a 10x speed boost
Microsoft released Windows 11 Insider Preview Build 29558.1000 to the Canary Channel, part of the optional 29500 build series. The build carries a set of changes focused on the Windows Console, a handful of bug fixes, and small improvements to Settings and disk utilities.
Malware detectors trained on one dataset often stumble on another
Machine learning models built to catch malware on Windows systems are typically evaluated on data that closely resembles their training set. In practice, the malware arriving on enterprise endpoints looks different, comes from different sources, and in many cases has been deliberately obfuscated to evade detection. A study from researchers at the Polytechnic of Porto tests what happens when that gap is made explicit, and the results have direct implications for organizations relying on static detectors as a first line of defense.
Microsoft adds high-volume email sending to Exchange Online
Organizations that rely on Exchange Online for internal communications have long needed a way to send large volumes of automated messages, such as payroll notifications, IT alerts, and security advisories, without running into the sending limits designed for person-to-person email. Microsoft has addressed that with the general availability of High Volume Email (HVE) in Exchange Online.
Tracking drones with the 5G tower down the street
Drone detection in cities is expensive. Dedicated radar installations are cost-prohibitive at scale, cameras have limited range and stop working well at night, and LiDAR systems have the same cost problem as radar. A group of researchers at the University of Science and Technology of China spent the past year working on a different approach: using 5G-Advanced base stations that are already in the ground to do the job instead.
Which messaging app takes the most limited approach to permissions on Android?
Messaging apps handle sensitive conversations, contacts, and media, and their behavior on a device varies in ways that affect privacy. An analysis of Android versions of Messenger, Signal, and Telegram shows that differences in permissions, background activity, and system exposure shape how much data each app can access and how often it communicates.
Download: 2026 SANS Identity Threats & Defenses Survey
New research from the 2026 SANS Identity Threats & Defenses Survey shows that 55% of organizations experienced an identity-related compromise last year, while 26% reported MFA fatigue as a factor in identity attacks.
Cybersecurity jobs available right now: March 31, 2026
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.
New infosec products of the month: March 2026
Here’s a look at the most interesting products from the past month, featuring releases from Beazley, Bonfy.AI, Mend.io, Mimecast, NinjaOne, Novee, Intel 471, Singulr AI, Stellar Cyber, Teleport, and Vicarius.