SANS Stormcast Tuesday, April 28th, 2026: More TeamPCP; Citrix XenServer Unpatched Vulns; Phantom RPC;
Tue Apr 28 2026
Malware
Open Source
Patch Management
Vulnerability
isc.sans.edu
TeamPCP Update https://isc.sans.edu/diary/TeamPCP%20Supply%20Chain%20Campaign%3A%20Update%20008%20-%2026-Day%20Pause%20Ends%20with%20Three%20Concurrent%20Compromises%20%28Checkmarx%20KICS%2C%20Bitwarden%20CLI%20Cascade%2C%20xinference%20PyPI%29%2C%20CanisterSprawl%20npm%20Worm%20Identified%2C%20and%20Tier%201%20Coverage%20Returns/32926 https://socket.dev/blog/73-open-vsx-sleeper-extensions-glassworm https://checkmarx.com/blog/checkmarx-security-update-april-26/ https://shittrix.moksha.dk/#rationale https://securelist.com/phantomrpc-rpc-vulnerability/119428/ https://github.com/pi-hole/pi-hole/security/advisories/GHSA-6w8x-p785-6pm4 https://nvd.nist.gov/vuln/detail/CVE-2026-41651