Security Daily Digest

Cybersecurity news, daily.

2026.04.24

16 sources scanned

FEATURED

Bitwarden CLI Supply Chain Attack: Developer Credentials at Risk

Bitwarden's CLI npm package was compromised in a supply chain attack, with attackers uploading a malicious package to steal developer credentials. This incident is part of a broader campaign targeting open-source tools, highlighting the vulnerabilities in software supply chains. Security teams should ensure their package management systems are secure and consider using tools for detecting malicious packages.

SRC Google News SecurityBleepingComputerThe Hacker News

CISA Orders Patch for Microsoft Defender Zero-Day Exploitation

CISA has mandated U.S. federal agencies to patch a zero-day vulnerability in Microsoft Defender, exploited for privilege escalation. The flaw, known as BlueHammer, affects multiple versions of Defender and has a CVSS score of 9.8. Security teams must prioritize patching this vulnerability to prevent unauthorized access and potential data breaches.

SRC BleepingComputerGoogle News Security

UK Biobank Data Breach: 500,000 Health Records for Sale

A significant data breach at UK Biobank has resulted in the health data of 500,000 individuals being offered for sale online, reportedly in China. This breach exposes sensitive personal and medical information, raising concerns about privacy and data protection. Security teams should assess their data protection strategies and ensure robust incident response plans are in place.

SRC BleepingComputerGoogle News Security

SIGNAL

01 Chinese APT Abuses Multiple Cloud Tools to Spy on Mongolia Dark Reading
02 Hackers exploit file upload bug in Breeze Cache WordPress plugin BleepingComputer
03 UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware The Hacker News
04 UK warns of Chinese hackers using proxy networks to evade detection BleepingComputer

STAY UPDATED

Daily security digest, straight to your inbox.