Daily Threat Intel Digest - March 27, 2026

🔴 Critical Threats & Active Exploitation

[NEW] Malicious Code Backdoor Found in xz Utils Linux Library (CVE-2024-3094) Red Hat has issued an urgent security alert regarding a sophisticated supply chain attack targeting the xz compression utility, a core component in many Linux distributions. Researchers discovered that versions 5.6.0 and 5.6.1 contain obfuscated malicious code injected during the build process via a hidden M4 macro, which allows attackers to bypass SSH authentication on affected systems by interfering with systemd. Because xz is ubiquitous in Linux environments for data compression, this compromise presents a high-impact risk for unauthorized remote access, though Red Hat Enterprise Linux (RHEL) remains unaffected. Administrators running Fedora Rawhide, Fedora 40 Beta, Debian unstable, or openSUSE are urged to immediately downgrade to the safe 5.4.x versions or apply official patches [Cyberpress; GBHackers].

[NEW] CISA Warns of Active Exploitation in Langflow AI Framework (CVE-2026-33017) The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical code injection vulnerability in the Langflow AI framework to its Known Exploited Vulnerabilities catalog following confirmed active exploitation. Tracked as CVE-2026-33017 (CVSS 9.3), the flaw allows unauthenticated remote code execution (RCE) by enabling attackers to build public AI flows without authentication. Researchers observed hackers exploiting this vulnerability merely 20 hours after the public advisory, using Python scripts to harvest sensitive .env and .db files. Federal agencies have until April 8 to patch to version 1.9.0 or discontinue use of the product; private sector organizations are strongly advised to update immediately and restrict direct internet exposure to the framework BleepingComputer.

🎯 Threat Actor Activity & Campaigns

[NEW] Red Menshen Deploys BPFdoor Backdoors in Global Telecom Networks A China-nexus threat actor known as Red Menshen is compromising telecommunications infrastructure to plant highly stealthy “BPFdoor” backdoors, creating long-term “sleeper cells” for espionage. By exploiting vulnerabilities in internet-facing VPNs and firewalls, attackers gain access to edge devices and deploy the kernel-level malware, which leverages the Berkeley Packet Filter (BPF) to silently monitor network traffic for magic packets without opening listening ports. Recent variants have expanded capabilities to monitor Stream Control Transmission Protocol (SCTP) traffic used in 4G and 5G signaling, enabling the interception of SMS messages, tracking of subscriber identities, and real-time location tracking of individuals. The malware mimics legitimate processes like HPE ProLiant servers and Kubernetes components to evade detection [Cyberpress; GBHackers].

[UPDATE] TeamPCP Shifts Focus to AI Developers in Supply Chain Attacks Continuing their multi-front supply chain campaign reported earlier this week, the TeamPCP threat actor group has specifically pivoted to targeting organizations building artificial intelligence software. The FBI Cyber Division issued an alert noting that attackers have compromised widely used developer tools to plant malicious code, leveraging weak credential management and AI-assisted coding techniques to distribute payloads. This evolution follows previous compromises of the Trivy vulnerability scanner, LiteLLM PyPI package, and Docker Hub images, indicating a sustained effort to infiltrate development environments GBHackers.

[NEW] Silver Fox Group Shifts from RATs to Python Stealers The China-based Silver Fox cybercrime group has evolved its tactics, shifting from deploying Remote Access Trojans (RATs) like ValleyRAT to custom Python-based stealers in campaigns targeting South Asia. Recent attacks against financial institutions and government entities in Malaysia, Indonesia, and Singapore have utilized a Python stealer disguised as a WhatsApp application to harvest credentials and financial data. This transition marks a move toward stealthier, financially motivated operations while maintaining a secondary espionage capability, with initial access often gained via phishing emails impersonating tax authorities or payroll organizations Cyberpress.

[NEW] Kiss Loader Malware Uses Early Bird APC Injection A newly identified Python-based loader named “Kiss Loader” is actively targeting Windows systems using a multi-stage infection chain that culminates in an Early Bird Asynchronous Procedure Call (APC) injection attack. Discovered after a researcher inadvertently engaged in a real-time conversation with the threat actor during analysis, the malware uses TryCloudflare tunnels to deliver payloads and injects shellcode into explorer.exe before normal process execution begins to bypass endpoint detection. Evidence of active development, including embedded testing utilities and AI-generated code comments, suggests this is an emerging threat requiring close monitoring [Cyberpress].

⚠️ Vulnerabilities & Patches

[NEW] Windows Error Reporting Service Flaw Allows SYSTEM Privilege Escalation (CVE-2026-20817) Microsoft has patched a critical local Elevation of Privilege (EoP) vulnerability in the Windows Error Reporting (WER) service that allows standard users to gain full SYSTEM access. The flaw stems from improper handling of Advanced Local Procedure Call (ALPC) messages in WerSvc.dll, which permits attackers to execute arbitrary commands as SYSTEM by controlling command-line arguments in shared memory. Unusually, Microsoft chose to mitigate the risk by removing the vulnerable SvcElevatedLaunch functionality entirely rather than patching the logic, and a proof-of-concept exploit has already been published online [Cyberpress; GBHackers].

[NEW] Critical Kea DHCP Flaw Allows Remote Service Crashes (CVE-2026-3608) The Internet Systems Consortium (ISC) has issued a security advisory for a high-severity stack overflow vulnerability in the Kea DHCP server software, widely used by enterprises and ISPs. Tracked as CVE-2026-3608 (CVSS 7.5), the flaw allows remote, unauthenticated attackers to crash core DHCP daemons (kea-dhcp4, kea-dhcp6, kea-ctrl-agent) by sending specially crafted messages to API sockets or High Availability listeners. A successful exploit causes a denial-of-service condition that prevents new devices from joining the network and blocks existing devices from renewing IP leases. ISC recommends immediate upgrades to versions 2.6.5 or 3.0.3, or enabling TLS with mutual authentication on API endpoints as a temporary mitigation [Cyberpress; GBHackers].

[NEW] Vendors Patch Flaws in Grafana, Squid, Spring, and Network Gear Several critical vulnerability disclosures were released today across enterprise software and networking hardware:

• Grafana: Versions prior to 12.4.2, 12.3.6, 12.2.8, 12.1.10, and 11.6.14 contain critical and high severity security fixes (CVE-2026-27876, CVE-2026-27880) [Canadian Centre for Cyber Security].
• Squid Proxy: Versions prior to 7.5 contain multiple Denial-of-Service vulnerabilities in ICP request handling [Canadian Centre for Cyber Security].
• Spring Cloud & AI: Multiple vulnerabilities including SSRF and RCE (CVE-2026-22739, CVE-2026-22743, CVE-2026-22744, CVE-2026-22742, CVE-2026-22738) affect vector stores and configuration services [Canadian Centre for Cyber Security].
• TP-Link, Canva, HikVision: Cisco Talos disclosed 10 vulnerabilities in the TP-Link Archer AX53 router (RCE), 19 out-of-bounds reads in Canva Affinity, and a buffer overflow in HikVision terminals [Talos Intelligence].

🛡️ Defense & Detection

[NEW] AI Chatbots with Built-in Browsers Pose Hidden C2 Risk Security researchers have identified a new technique where malware hijacks the web-browsing capabilities of AI chatbots (like Microsoft Copilot) to serve as covert command-and-control (C2) channels. By instructing the AI agent to visit attacker-controlled pages or encoding stolen data into requests, attackers can blend malicious traffic into trusted flows to popular AI services, effectively bypassing traditional network security controls that whitelist these domains. Defenders are advised to limit autonomous browsing features, revoke unnecessary session tokens, and avoid pasting sensitive data into AI interfaces to mitigate this risk Panda Security.

[NEW] Analysis Reveals Undisclosed Fixes in Apple Background Security Improvements A reverse engineering analysis of Apple’s recent “Background Security Improvements” (BSI) update for iOS/macOS 26.3.1 has revealed that the patch contains fixes for one publicly disclosed CVE (CVE-2026-20643 regarding WebKit) and at least two additional security hardening measures not mentioned in the advisory. The undisclosed fixes address a WebGL integer overflow in the ANGLE library and lifetime hardening for ServiceWorker registration to prevent dangling references. This highlights the value of deep-dive analysis, as silent security improvements often address critical memory safety issues alongside public patches Malware.news.

📋 Policy & Industry News

[NEW] ODNI Announces AI Policy and Zero-Trust Modernization The Office of the Director of National Intelligence (ODNI) has released a summary of its year-one technology modernization efforts, announcing the development of policy frameworks to accelerate AI adoption for cybersecurity. The agency has expanded automation of threat hunting across intelligence community networks and established a shared repository of cybersecurity-vetted applications to save time and resources. Additionally, a new zero-trust strategy is being implemented to shift the agency to a data-centric security model that protects information regardless of location or network CyberScoop.

[NEW] FCC Proposes Stricter Rules for Robocallers and Foreign Call Centers The Federal Communications Commission (FCC) has unanimously approved a proposal to increase certification and disclosure requirements for obtaining phone numbers, aiming to curb the use of legitimate numbers by illegal robocallers. The proposed rules would expand requirements to all resellers and impose stricter reporting on caller identities to assist in tracebacks. Simultaneously, the commission is exploring rules that would require telecommunications providers to disclose the use of overseas call centers and potentially route calls involving sensitive information through US-based locations CyberScoop.

⚡ Quick Hits

• Dutch Police Breach: The Dutch National Police disclosed a limited security breach caused by a phishing attack, confirming that citizen data and investigative information were not exposed [BleepingComputer].
• Infiniti Stealer on macOS: A new macOS infostealer named “Infiniti Stealer” is being distributed via fake Cloudflare CAPTCHA pages using the ClickFix technique, tricking users into running terminal commands to install a Nuitka-compiled Python payload [Malwarebytes].
• Ajax Football Club Hack: A hacker exploited vulnerabilities in AFC Ajax’s IT systems, accessing the email addresses of hundreds of fans and potentially manipulating stadium bans and season tickets [BleepingComputer].
• BRUSHWORM/BRUSHLOGGER Attacks: A South Asian financial institution was hit by a custom malware toolkit combining the BRUSHWORM modular backdoor and a DLL side-loaded keylogger (BRUSHLOGGER) [GBHackers].