Microsoft is warning security teams about two critical vulnerabilities in Windows Defender that are being actively exploited in the wild. The flaws, which impact Microsoft's built-in antivirus software, have already been leveraged by attackers, prompting urgent recommendations for Windows users to apply security patches immediately. Microsoft has released fixes for both vulnerabilities as part of their regular security update cycle.

Security researchers have identified multiple serious threats including new Linux rootkits, a zero-day vulnerability affecting routers, and AI-enabled intrusion tools, according to the latest ThreatsDay Bulletin. The security report encompasses 25 new threats and scam kits that organizations need to address. Industry experts warn that artificial intelligence is fundamentally transforming attack surfaces by accelerating breach timelines and enabling attackers to move through networks faster than traditional human response capabilities can counter.

Researchers have discovered a new exploit called "Underminr" that affects 42% of websites globally, allowing attackers to hijack trusted domains to hide malicious activity from security filters. The attack works by exploiting how DNS and content delivery networks handle web requests separately, enabling threat actors to route traffic through legitimate sites while actually directing users to malicious destinations. The vulnerability stems from how major CDNs group different websites behind the same IP addresses, though some providers like Fastly have mitigated the risk by "bucketizing" domains according to their reputation levels.

Chinese state-aligned hackers have been using a Linux backdoor called "Showboat" to spy on telecommunications companies in Central Asia for at least four years, with multiple Chinese APT groups sharing the malware among themselves. The tool, which went undetected on VirusTotal until recently, appears designed as a practical rather than sophisticated solution for smaller market targets in countries like Afghanistan, Kazakhstan, and Azerbaijan. Security researchers believe China may be using these regions as testing grounds for their malware before deploying it against higher-value targets.

GitHub has confirmed that approximately 3,800 internal repositories were compromised in a supply chain attack after an employee installed a malicious Visual Studio Code extension. The breach, claimed by hacking group TeamPCP who's demanding at least $50,000 for the stolen data, highlights a critical blind spot in developer security—extensions can access all data on a developer's machine including credentials and SSH keys. This marks the latest in a series of 2026 supply chain attacks by TeamPCP targeting developer tooling at major companies including Trivy, Checkmarx, Bitwarden, and TanStack, with security experts warning that most organizations lack visibility into what extensions developers are running on their machines.

SecurityWeek is hosting a virtual Threat Detection and Incident Response Summit today from 11 AM to 4 PM Eastern Time, focusing on how organizations can combat increasingly sophisticated cyberattacks. The free online event features panels and presentations from cybersecurity leaders at companies like Amazon, Spotify, Wiz, and Okta, covering topics ranging from AI-driven threat detection and breach response to emerging attack vectors like prompt fraud and weaponized AI. Key discussions will explore how to cut through alert fatigue, leverage unified platforms for faster investigations, and use threat intelligence to stay ahead of modern adversaries.

ICS security experts shared real-world stories from the field that expose the dangerous gap between written policies and actual practice on plant floors. The incidents include an Iranian-linked threat actor trying to infiltrate a Middle East facility's operational technology systems, a vulnerability scan that accidentally shut down two power plant turbines, and an undocumented federal agency control system running on default credentials that was unknowingly accessible from the public internet. These cautionary tales underscore how assumptions about air-gapping, physical isolation, and operational safety often don't match reality, especially when institutional knowledge leaves with retiring staff or security processes fail to adapt to the unique needs of industrial environments.

Security teams are finding themselves caught off guard as companies rapidly move AI projects from experimentation to production without involving them in the process. To prepare for these surprise deployments, experts recommend security organizations focus on data-driven conversations with development teams, maintain operational agility, ensure workflows can quickly integrate new AI applications, and implement continuous scanning with contextual awareness of AI-specific threats. The good news is that much of the security infrastructure needed already exists in application and API security stacks, so teams can build on existing foundations rather than starting from scratch.

A major supply chain attack attributed to the TeamPCP hacking group has compromised over 320 NPM packages, with attackers gaining access to the 'atool' maintainer account that controls high-profile packages like timeago.js with 1.5 million weekly downloads. The malicious code steals credentials from over 130 file paths including AWS, Azure, and cryptocurrency wallets, harvests plaintext secrets from GitHub Actions workflows, and now includes new capabilities like executing remote Python code and dropping persistent backdoors in development tools. Security researchers tracked roughly 639 malicious package versions across data visualization and React ecosystems, with attackers using compromised NPM tokens to automatically inject malware into additional packages and exfiltrate stolen data through more than 2,200 GitHub repositories.

Anthropic has quietly patched a sandbox bypass vulnerability in Claude Code that could have allowed attackers to exfiltrate sensitive data like credentials and tokens. Security researcher Aonan Guan discovered the flaw, which involved a SOCKS five hostname null-byte injection that tricked the network filter into approving connections to unauthorized hosts. While Anthropic says they fixed the issue before Guan's formal report, the researcher criticizes the company for not assigning a CVE identifier or properly notifying users who may have been running the vulnerable version in production for months.