Security Daily Digest

Cybersecurity news, daily.

2026.03.22

18 sources scanned
FEATURED
01

Trivy Vulnerability Scanner Compromised in Supply Chain Attack

The Trivy vulnerability scanner was compromised in a supply chain attack in which threat actors deployed an infostealer via GitHub Actions. The Trivy scanner was used to spread CanisterWorm across 47 npm packages. The incident highlights the risks in software supply chains and the need for rigorous security measures around CI/CD pipelines and third-party tool integrations.

SRC BleepingComputer, The Hacker News
02

Oracle Releases Patch for Critical RCE Flaw in Identity Manager

Oracle has issued a patch for a critical remote code execution vulnerability (CVE-2026-21992) in its Identity Manager, which could be exploited by unauthenticated attackers. Meanwhile, CISA has flagged this and other vulnerabilities in Apple, Craft CMS, and Laravel, mandating patching by April 3, 2026. Security teams should prioritize applying these updates to mitigate potential exploitation risks.

SRC The Hacker News