Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On March 28, 2026, F5 updated its security advisory for a vulnerability impacting BIG-IP APM that was originally disclosed in October 2025 (CVE-2025-53521). The vulnerability was initially classified as a medium-severity denial-of-service (DoS) issue but has been reclassified as a critical remote code execution (RCE) vulnerability. F5 has stated CVE-2025-53521 is being exploited by unauthenticated remote threat actors to deploy web shells.

The widely used Axios npm package, a JavaScript library that enables applications to make HTTP/S requests and is included as a dependency in millions of applications, was compromised in a supply chain attack on March 31, 2026 (UTC).

In the third installment of SafeBreach’s AI-First development series, VP of Development Yossi Attas explores the resurgence of the Product Requirements Document (PRD) as the foundational “control surface” for AI-assisted engineering.

A CISO’s job never ends, and, according to a recent LevelBlue survey, the issues they are dealing with on a daily basis are piling up, causing some disconnect in priorities and a misunderstanding of how to accomplish specific cybersecurity goals. To help answer some of the more pressing questions CISOs face and to gain a different perspective on the survey’s results, we sat down with LevelBlue’s Chief Security & Trust Officer, Kory Daniels.

Open source made software development faster. It also made software delivery more fragile. Most teams already understand that dependencies can contain vulnerabilities. Fewer teams fully internalize the other half of the problem: dependencies can also change underneath them. When versions are not pinned, code from outside your organization can enter your build, CI pipeline, or runtime environment without a deliberate engineering decision. Your repo may be unchanged. Your app may be unchanged.

Phorpiex, also known as Trik, is a resilient and long-running botnet with a history dating back to 2011. While it has grabbed some headlines, its sustained presence and adaptability make it a subject of ongoing concern for the cybersecurity community. Phorpiex has consistently demonstrated its capability to evolve, shifting from a pure spam operation to a sophisticated platform.

Source code for Claude Code, Anthropic’s developer facing CLI tool, was exposed through source maps included in a published npm package under Anthropic’s npm namespace. The exposure revealed approximately 500,000 lines of application code across roughly 1,900 files.

CVE-2026-20929, a vulnerability with a CVSS of 7.5 that was patched in the January 2026 Patch Tuesday update, enables attackers to exploit Kerberos authentication relay through DNS CNAME record abuse. This blog focuses on detecting one particularly impactful attack vector: relaying authentication to Active Directory Certificate Services (AD CS) to enroll certificates for user accounts, as detailed in recent research.

Identity management is the foundational process of governing every digital identity across your environment: who exists, what they access, and whether that access remains appropriate. Credential abuse is the leading initial attack vector in confirmed breaches. The discipline requires a clean source of truth, automated lifecycle workflows, and continuous governance that scales across hybrid and SaaS environments.

We are always on the lookout for different solutions to safeguard our digital assets and accounts from potential cybercriminals. One such solution is the Multi-Factor Authentication (MFA). This authentication solution adds an extra layer of security on top of credential-based login, making the accounts more secure. It comprises several key methods—OTP over SMS/email, security questions, biometric authentication, push notification, and more.