SANS Emergency Livestream: Axios NPM Supply Chain Compromise; 72-Hour Deadline to Patch Exploited Citrix Netscaler, F5 BIG-IP Flaws Added to CISA KEV; PTC Windchill and FlexPLM Critical Flaws Can be Mitigated

Multiple malicious versions of the widely used JavaScript library Axios have been published to NPM, deploying a remote access trojan capable of stealing credentials and maintaining persistent access across Windows, macOS, and Linux systems. With over 100 million weekly downloads, the potential impact is significant. SANS has published a technical analysis with indicators of compromise and mitigation guidance on the SANS blog, and is hosting an emergency livestream briefing today (March 31) at 2:30 PM ET featuring SANS Faculty Fellow Joshua Wright and Certified Instructor Rich Greene. Wright flagged the growing risk of software supply chain attacks just days ago at RSAC 2026.

Blog: https://www.sans.org/blog/axios-npm-supply-chain-compromise-malicious-packages-remote-access-trojan

Watch the livestream: https://www.sans.org/mlp/emergency-livestream-axios-npm-supply-chain-compromise

The US Cybersecurity and Infrastructure Security Agency (CISA) added a critical vulnerability in Cisco NetScaler to the Known Exploited Vulnerabilities (KEV) catalog on Monday, March 30, with a mitigation deadline for Federal Civilian Executive Branch (FCEB) agencies of Thursday, April 2. The critical memory overread flaw (CVE-2026-3055) was disclosed on Monday, March 23. At that time, Citrix made updates available to fix the issue. Researchers at watchTowr observed scanning for vulnerable NetScaler instances late last week, and active exploitation over the weekend. watchTowr has compared the vulnerability to CitrixBleed2, disclosed in June 2025: a critical insufficient input validation leading to memory overread vulnerability (CVE-2025-5777) affecting NetScaler when configured as a Gateway. watchTowr also says that CVE-2026-3055 is not a single vulnerability but instead comprises several memory leak issues: "What we can confidently conclude, post-analysis, is that CVE-2026-3055 is not one singular memory overread vulnerability. In fact, this CVE ID has been assigned to at least two memory overread vulnerabilities, affecting the following endpoints: /saml/login, and /wsfed/passive?wctx." The researchers have passed this information to the Citrix PSIRT team. The UK's National Cyber Security Centre has urged organizations to patch CVE-2026-3055 along with a second vulnerability, CVE-2026-4368, that was disclosed at the same time.

The US Cybersecurity and Infrastructure Security Agency (CISA) added a critical vulnerability in F5 BIG-IP Access Policy Manager (APM) to the Known Exploited Vulnerabilities (KEV) catalog on Friday, March 27, with a mitigation deadline for Federal Civilian Executive Branch (FCEB) agencies of Monday, March 30. According to F5's security advisory, CVE-2025-53521 "was previously categorized and remediated as a Denial-of-Service (DoS) vulnerability with CVSS scores of 7.5 (CVSS v3.1) and 8.7 (CVSS v4.0). Due to new information obtained in March 2026, the original vulnerability is being re-categorized to an RCE with CVSS scores of 9.8 (CVSS v3.1) and 9.3 (CVSS v4.0)." The flaw was initially disclosed in October 2025. They also note that "when a BIG-IP APM access policy is configured on a virtual server, specific malicious traffic can lead to remote code execution. The BIG-IP system in Appliance mode is also vulnerable." The advisory lists vulnerable versions as well as indicators of compromise (IoCs).

The US Cybersecurity and Infrastructure Security Agency (CISA) and Germany's Federal Office for Information Security, Bundesamt für Sicherheit in der Informationstechnik (BSI), have published advisories for a critical code injection vulnerability in PTC Windchill and PTC FlexPLM product lifecycle management solutions. The flaw could be exploited via deserialization of untrusted data. PTC is currently working on updates to address the vulnerability. In the meantime, PTC has provided mitigations users can undertake to protect their systems, and a list of indicators of compromise (IoCs). Over the weekend of March 21-22, the vulnerability prompted Germany's Federal Criminal Police Office (BKA) to deploy law enforcement officers to alert companies they believed to be affected by the vulnerability.

Researchers from Stanford University, University of California Davis, and Delft University of Technology (TU Delft) have published a paper describing their discovery of exposed API keys on the internet. In the paper, "Keys on Doormats: Exposed API Credentials on the Web," the researchers describe their analysis using the TruffleHog tool to "identify 1,748 distinct credentials from 14 service providers (e.g., cloud and payment providers) across nearly 10,000 webpages." Their investigation "reveal[ed] that most exposures are introduced during dynamic bundling, deployment, or resource inclusions rather than their occurrence in static website code that prior works have primarily focused on." They also found that the credentials were exposed for significant lengths of time, averaging 12 months. The paper includes suggested best practices to guard against credential exposure.

Researchers at Check Point discovered a vulnerability in OpenAI ChatGPT that leaked data through a DNS side channel. Check Point notified OpenAI earlier this year and the flaw was addressed on February 20, 2026. In a blog post, Check Point writes that "The vulnerability we discovered allowed information to be transmitted to an external server through a side channel originating from the container used by ChatGPT for code execution and data analysis. Crucially, because the model operated under the assumption that this environment could not send data outward directly, it did not recognize that behavior as an external data transfer requiring resistance or user mediation. As a result, the leakage did not trigger warnings about data leaving the conversation, did not require explicit user confirmation, and remained largely invisible from the user’s perspective." Researchers at BeyondTrust Phantom Labs "identified a critical command injection vulnerability in OpenAI Codex that allowed for the theft of GitHub User Access Tokens." BeyondTrust reported the flaw to OpenAI on December 16, 2025, and it was fixed as of February 5, 2026.

GitHub has announced a change to its terms of use: Starting April 24, 2026, user interactions with Copilot will be used for training GitHub's AI model to provide "more intelligent, context-aware coding assistance." Users who do not want their data to be used in such a way can opt out of the plan. The new arrangement applies to the Free, Pro, and Pro+ plans; Business and Enterprise plan users are not affected by the change. In addition, students and educators using the free Pro plan and users who have already objected to code matching are not affected. GitHub says that by allowing the data to be used, users will "help [their] models better understand development workflows, deliver more accurate and secure code pattern suggestions, and improve their ability to help you catch potential bugs before they reach production." The plan will collect and train with outputs accepted or modified by users; inputs sent to GitHub Copilot, including code snippets shown to the model; code context surrounding cursor position; comments and documentation; file names repository structure, and navigation patterns; interactions with Copilot features (chat, inline suggestions, etc.); and suggestion feedback. The plan will not use interaction data from Copilot Business, Copilot Enterprise, or enterprise-owned repositories; interaction data from users who opt out of model training in their Copilot settings; or content from issues, discussions, or private repositories at rest.

In a filing with the US Securities and Exchange Commission (SEC) New Jersey-based company CareCloud disclosed that it "experienced a temporary network disruption in its CareCloud Health division that partially impacted the functionality and data access to 1 of its 6 electronic health record environments for approximately 8 hours." CareCloud notified its "carrier," brought in third-party experts "to perform external cybersecurity work and to assist with securing the environment, as well as to conduct a comprehensive IT forensic investigation to determine the nature and scope of this incident," and has notified law enforcement. The disruption occurred on March 16, 2026, and was contained the same day. CareCloud provides technology and software, including electronic health record systems, to more than 45,000 hospitals and medical practices.

The European Commission (EC) has disclosed a breach that "affected its cloud infrastructure hosting the Commission's web presence on the Europa.eu platform." The EC discovered the intrusion on March 24, 2026. According to a statement, the EC took steps to contain the incident, and Europa websites remained available during the incident. An investigation suggests the intruders stole data, and the EC is notifying affected entities. According to BleepingComputer, the incident "affected at least one of the Commission's AWS (Amazon Web Services) accounts." AWS told BleepingComputer that they did not experience a security event. This is the second breach the European Commission has disclosed this calendar year; in February, the Commission disclosed that on January 30, 2026, it discovered that a mobile device management platform had been breached.

A "glitch" at *Lloyds Banking Grou temporarily exposed personal financial data of nearly 450,000 customers earlier this month. On March 12, customers using the Lloyds, Halifax, and Bank of Scotland banking apps were able to see other customers' account balances, transactions, and personal data, including national insurance numbers. The situation was due to a problem in a system update. Lloyds notified both the UK's Financial Conduct Authority and the Information Commissioner's Office. In a separate story, Italy's Data Protection Authority fined Intesa Sanpaolo SpA €31.8 million (US$36 million) for failure to adequately protect customers' banking information. An investigation revealed that an Intesa Sanpaolo employee accessed banking information of more than 3,500 customers over a 26-month period without having a reason to do so.