Three LangChain flaws enable data theft across LLM apps, affecting millions of deployments, exposing secrets and files.

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Coruna reuses Triangulation kernel exploits targeting iOS 13–17.2.1 devices, expanding attacks into mass exploitation ...

TA446 used leaked DarkSword on March 26 to target iOS devices, prompting Apple alerts and widening mobile espionage risks.

CISA adds actively exploited F5 BIG-IP APM CVE-2025-53521 (CVSS 9.3) to KEV, ordering FCEB patch by March 30, 2026 to curb RCE risk.

Iran-linked Handala Hack breached FBI Director’s email amid MOIS domain seizures, escalating destructive cyber ops.

Apple issues Lock Screen alerts after Coruna and DarkSword exploit kits target iOS 13.0–18.7, increasing web-based attack ...

The vulnerability, CVE-2026-3055 (CVSS score: 9.3), refers to a case of insufficient input validation leading to memory overread, which an attacker could exploit to leak potentially sensitive ...

Bearlyfy launched 70+ attacks since 2025 using GenieLocker ransomware, targeting Russian firms, driving high ransom payments.

Russian authorities arrested the alleged admin of LeakBase, a cybercrime forum operating since 2021 that enabled trading ...

Validate your security posture with real attacker behavior using continuous, CTI-driven testing to uncover gaps and prove ...

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...