Today’s Briefing
Google Threat Intelligence reports a North Korea-nexus actor has compromised the widely used Axios NPM package in a supply chain attack, targeting a library with millions of weekly downloads. Separately, Google published updated guidance on preparing for and hardening against destructive attacks, reflecting shifts in adversary capability and targeting since the last edition. The watchlist includes CVE-2026-49268, a critical LDAP injection flaw in Apache Shiro allowing DN manipulation via unsanitised username input, and CVE-2026-50203, a path traversal in Apache Airflow's SFTP provider that permits malicious servers to write files outside the configured destination directory.
Top Stories
Full brief available to subscribers
The complete operator brief — action items with patch deadlines, the vulnerability appendix and named actor activity — goes out by email each morning. Subscribe free to receive it.
Get the brief at 07:00, every weekday.
The day's UK security intelligence, read and ranked so you start informed: the stories that matter, the IOCs your SIEM needs, and the actions worth taking first.