The Trivy vulnerability scanner — trusted by millions of developers — has been compromised by the TeamPCP threat group, which injected credential-stealing malware into official releases via GitHub Actions. Microsoft Azure Monitor alerts are being abused to deliver callback phishing emails impersonating Microsoft Security. A critical Langflow vulnerability was exploited within hours of public disclosure. The Navia data breach has exposed personal and health plan data of 2.7 million individuals. Thousands of Magento e-commerce sites hit in ongoing defacement campaign.
The Trivy vulnerability scanner, used by millions of organizations for container and infrastructure security scanning, has been compromised by threat actors who injected credential-stealing malware into official releases and GitHub Actions workflows.
In what may be the most ironic attack of the year, the Trivy vulnerability scanner — a widely-used open-source tool designed to find security problems — has itself become the attack vector. Threat actors known as TeamPCP have compromised Trivy's build pipeline, injecting infostealer malware into official releases distributed through GitHub Actions.
Trivy, maintained by Aqua Security, is one of the most popular vulnerability scanners in the DevSecOps ecosystem. It's used to scan container images, filesystems, Git repositories, and Kubernetes clusters. Organizations trust it implicitly — it runs in CI/CD pipelines with broad access to source code, secrets, and infrastructure credentials. That trust is exactly what the attackers exploited.
Supply-chain attacks targeting security tools are particularly dangerous because:
Attackers are abusing Microsoft Azure Monitor alert notifications to send phishing emails that appear to come from Microsoft's own infrastructure, bypassing email security controls.
A new callback phishing campaign is exploiting Microsoft Azure Monitor alerts to send convincing phishing emails that impersonate the Microsoft Security Team. The emails warn recipients about "unauthorized charges" on their Microsoft accounts and instruct them to call a phone number for "immediate assistance."
What makes this campaign particularly effective is that the emails are sent through legitimate Microsoft infrastructure. Since they originate from Azure's notification system, they pass SPF, DKIM, and DMARC authentication checks. Most email security gateways will not flag them as malicious because, technically, they are legitimate Microsoft emails — just with attacker-controlled content.
A critical vulnerability in Langflow — a popular open-source tool for building AI/LLM applications — was exploited in the wild within hours of its public disclosure. The flaw allows unauthenticated remote code execution.
Langflow, an open-source visual framework for building AI and LLM-powered applications, has a critical vulnerability that attackers began exploiting within hours of public disclosure. The vulnerability allows unauthenticated remote code execution because attacker-supplied flow data is processed in public flows without proper sanitization.
Langflow has rapidly grown in popularity as organizations rush to build AI-powered applications. Many instances are deployed with default configurations, often publicly accessible, making them easy targets for automated exploitation.
Between late December 2025 and mid-January 2026, hackers stole personal and health plan information from Navia's systems, affecting 2.7 million individuals.
Navia, a benefits administration company, has disclosed a data breach affecting 2.7 million individuals. The breach occurred between late December 2025 and mid-January 2026, during which attackers exfiltrated personal information and health plan data from Navia's environment.
Healthcare data breaches carry outsized risk because the data has long-term value for identity fraud, insurance fraud, and targeted social engineering. Unlike credit card numbers that can be changed, health records, Social Security numbers, and benefit plan details are permanent.
An ongoing defacement campaign that started on February 27 has compromised thousands of Magento-based e-commerce sites, targeting global brands, government services, and online retailers.
A large-scale defacement campaign has been targeting Magento-based e-commerce platforms since February 27, compromising thousands of sites including global brands and government services. While defacement is often dismissed as low-severity, these attacks demonstrate that the underlying infrastructure has been fully compromised — and what starts as defacement can easily escalate to payment card skimming, customer data theft, or ransomware deployment.
A critical vulnerability in Quest KACE systems management appliance, tracked as CVE-2025-32975, may have been exploited in attacks targeting the education sector. Quest KACE is widely deployed in schools and universities for endpoint management, software distribution, and asset inventory.
Educational institutions are frequent targets due to limited security budgets, large attack surfaces (thousands of student and faculty devices), and valuable data including research, personal records, and financial information.
Three individuals have been charged with violating U.S. export control laws by scheming to divert massive quantities of high-performance AI servers assembled in the United States to China. The case highlights the growing geopolitical battle over AI compute infrastructure and the lengths to which state-aligned actors will go to circumvent export restrictions.
For organizations handling AI hardware procurement and distribution, this case underscores the importance of know-your-customer (KYC) compliance and supply chain integrity. Export control violations carry severe criminal penalties and can result in loss of export privileges.
| Threat | Severity | Type | Action Required |
|---|---|---|---|
| Trivy Supply-Chain Attack (TeamPCP) | CRITICAL | Supply Chain | Verify Trivy versions, rotate CI/CD secrets |
| Langflow RCE (Unauthenticated) | CRITICAL | Vulnerability | Patch immediately, disable public flows |
| Azure Monitor Callback Phishing | HIGH | Phishing | Train staff, audit Azure Monitor rules |
| Navia Breach (2.7M records) | HIGH | Data Breach | Check if affected, offer credit monitoring |
| Magento Mass Defacement | HIGH | Web Attack | Patch Magento, scan for skimmers |
| Quest KACE (CVE-2025-32975) | HIGH | Vulnerability | Patch KACE, restrict management access |
| AI Hardware Export Violations | MEDIUM | Regulatory | Review export compliance controls |
KENSAI scans your infrastructure for vulnerabilities, misconfigurations, and supply-chain risks — including the tools you trust most. Don't let your security scanner become your biggest vulnerability.
Start Your Free Security Scan →Published by the KENSAI Threat Intelligence Team
Daily Security Briefing — March 22, 2026
Read more briefings →