THE ThreatsDay Bulletin flags a pre-authenticated remote code execution chain in Progress ShareFile, comprising CVE-2026-2699 and CVE-2026-2701, which could be combined to bypass authentication and upload web shells; Progress released fixes with Storage Zone Controller 5.12.4 on 10 March 2026, and there are about 30,000 internet-facing instances requiring patching.
It also reports a rootkit campaign, NoVoice, spread via more than 50 Android apps and downloaded at least 2.3 million times, which exploits 22 Android vulnerabilities to gain root access and inject attacker-controlled code into other apps. The FBI warns of data security risks from foreign-developed mobile apps, noting potential access to users’ data by Chinese-based apps and listing TikTok, Shein, Temu and DeepSeek as fitting the profile. The bulletin also notes the U.S.
State Department’s launch of the Bureau of Emerging Threats to protect national security against cyber threats, including risks from Iran, China, Russia and North Korea. Readers are urged to scan their networks, as small patterns can indicate broader threats, with several items illustrating how attackers bypass logs, abuse supply chains, or evade traditional detections.
According to the FBI, these developments underscore the need for vigilance as threat activity accelerates across mobile ecosystems, cloud services, and software supply chains.