{ "id": "713d1a12-a293-4192-8a6b-b6a929f6c026", "created_at": "2026-04-06T00:09:06.203521Z", "updated_at": "2026-04-10T03:37:59.038966Z", "deleted_at": null, "sha1_hash": "c05f5c31adfcd26b300e871be9d01a289f965144", "title": "Security Without Fear - Decipher", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 92974, "plain_text": "Security Without Fear - Decipher\r\nBy By Dennis Fisher April 5, 2026 | 1 min read\r\nPublished: 2026-03-31 · Archived: 2026-04-05 16:35:27 UTC\r\nFortinet CVE-2026-35616 Actively Exploited\r\nThe company published an advisory on Saturday and urged all customers who are running affected\r\nversions of the software to install the hotfix as quickly as possible. The bug affects versions 7.4.5 and 7.4.6\r\nof FortiClient EMS. \r\nGo to previous slide\r\nGo to slide 1\r\nGo to slide 2\r\nGo to slide 3\r\nGo to next slide\r\nFortinet CVE-2026-35616 Actively Exploited\r\nApril 5, 2026 | 1 min read\r\nhttps://duo.com/decipher/trickbot-up-to-its-old-tricks\r\nPage 1 of 3\n\nSupply Chain Attack Hits Axios NPM Packages\r\nApril 1, 2026 | 4 min read\r\nCommand Injection Bug in OpenAI Codex Exposed GitHub OAuth Tokens\r\nMarch 30, 2026 | 3 min read\r\nGo to slide 1\r\nGo to slide 2\r\nGo to slide 3\r\nTopics\r\nThe Latest\r\nAxios is a dependency in nearly 80% of all cloud and code environments and sees approximately 100 million\r\ndownloads per week.\r\nRead More Supply Chain Attack Hits Axios NPM Packages\r\nThe bug is a command injection issue and lies in the way that Codex processed GitHub branch names during the\r\nexecution of tasks.\r\nRead More Command Injection Bug in OpenAI Codex Exposed GitHub OAuth Tokens\r\nTeamPCP’s latest victim is the Telnyx Python SDK on PyPl, coming after a wave of supply chain hits on Aqua\r\nTrivy, Checkmarx KICS/OpenVSX, and LiteLLM.\r\nRead More TeamPCP’s Supply Chain Attack Spree Continues\r\nTechnology moves quickly, and as we’re discovering yet again, threat actors move just as quickly, and are\r\nadopting AI tools and platforms at an astonishing rate.\r\nRead More For AI and Security, ‘The Storm is Coming’\r\nAleksei Volkov, 26, has been sentenced to almost seven years in prison for his role in facilitated Yanluowang\r\nransomware group attacks.\r\nRead More DoJ Sentences Russian Initial Access Broker to 6 Years in Prison\r\nWendy Nather joins Dennis Fisher to dig into the nutrient-rich narrative soil that produced a modern classic that\r\ntruly epitomizes the hacker ethos. We are the greatest podcasters on Mars!\r\nhttps://duo.com/decipher/trickbot-up-to-its-old-tricks\r\nPage 2 of 3\n\nRead More Mark Watney: Space Hacker\r\nSource: https://duo.com/decipher/trickbot-up-to-its-old-tricks\r\nhttps://duo.com/decipher/trickbot-up-to-its-old-tricks\r\nPage 3 of 3", "extraction_quality": 1, "language": "EN", "sources": [ "Malpedia" ], "references": [ "https://duo.com/decipher/trickbot-up-to-its-old-tricks" ], "report_names": [ "trickbot-up-to-its-old-tricks" ], "threat_actors": [ { "id": "63883709-27b5-4b65-9aac-c782780fbb28", "created_at": "2026-04-10T02:00:03.996704Z", "updated_at": "2026-04-10T02:00:03.996704Z", "deleted_at": null, "main_name": "TeamPCP", "aliases": [], "source_name": "MISPGALAXY:TeamPCP", "tools": [], "source_id": "MISPGALAXY", "reports": null } ], "ts_created_at": 1775434146, "ts_updated_at": 1775792279, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/c05f5c31adfcd26b300e871be9d01a289f965144.pdf", "text": "https://archive.orkl.eu/c05f5c31adfcd26b300e871be9d01a289f965144.txt", "img": "https://archive.orkl.eu/c05f5c31adfcd26b300e871be9d01a289f965144.jpg" } }