1.8 million RDP and 1.6 million VNC servers are currently exposed to the internet, according to Forescout — a scale that helps explain why this week’s bulletin reads like an instruction manual for opportunistic attackers.
SMS blaster phishing crackdown in Canada
Canadian authorities arrested three men on 44 charges after seizing an SMS blaster device that impersonated a cellular tower to send phishing texts to nearby phones. Authorities said the device “mimics a legitimate cellular tower. When nearby phones connect to it, users receive fraudulent text messages that appear to come from trusted organizations,” and that “these messages often prompt recipients to click on links that lead to fake websites designed to capture personal information, including banking credentials and passwords.” Tens of thousands of devices connected to the blaster over several months, and officials described the incident as the first time an SMS blaster has been spotted in the country.
Supply-chain sabotage: npm “tanstack” and PyPI “elementary-data”
Two separate attacks on developer supply chains this week highlight how package ecosystems remain lucrative targets. Socket reported an npm package named tanstack, maintained by a user called “sh20raj,” that “silently steal[s] environment variable files, including .env, .env.local, and .env.production, from developers' machines at install time, exfiltrating them to an attacker-controlled endpoint.” Versions 2.0.4 through 2.0.7 are confirmed malicious.
On PyPI, StepSecurity detailed a malicious release of elementary-data (version 0.23.3) uploaded on April 24, 2026, at 10:20 p.m. UTC. The actor exploited a script-injection vulnerability in a GitHub Actions workflow to publish a signed release without touching the master branch. The published package carried an elementary.pth file; Python's site module processes every .pth file in site-packages at interpreter start-up and executes any line that begins with import, so a single such file gives malicious code a hook that runs whenever the interpreter starts, in this case to steal developer credentials and cryptocurrency wallets. Developers who installed 0.23.3, or who pulled and ran its Docker image, were urged to assume compromise and rotate credentials.
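Both packages relied on install-time execution hooks: npm lifecycle scripts for tanstack and an executable .pth file for elementary-data. The script below, an added example rather than code from Socket, StepSecurity, or either project, audits both kinds of hook: it lists the lines of a .pth file that Python would execute and the package.json scripts npm runs automatically on install. The sample .pth contents and package.json are constructed, not the real malicious files.

```python
"""Audit install-time execution hooks in a Python site-packages tree and an
npm package.json. Added example, not code from Socket, StepSecurity, or the
affected projects; the sample file contents below are constructed."""
import json
import os
import re
import site
from pathlib import Path
from typing import Dict, List

# site.py executes a .pth line that starts with "import " or "import\t";
# everything after that keyword runs at interpreter start-up.
_PTH_EXEC = re.compile(r"^import[ \t]")

# npm runs these lifecycle scripts automatically during `npm install`.
NPM_INSTALL_HOOKS = ("preinstall", "install", "postinstall", "prepare")


def executable_pth_lines(text: str) -> List[str]:
    """Return the lines of a .pth file that Python would execute as code."""
    hits = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # path entries and comments are inert
        if _PTH_EXEC.match(line):
            hits.append(line)
    return hits


def scan_site_packages(site_dir: str) -> Dict[str, List[str]]:
    """Map each .pth file under site_dir to its executable lines, if any."""
    findings: Dict[str, List[str]] = {}
    for pth in Path(site_dir).glob("*.pth"):
        lines = executable_pth_lines(pth.read_text(errors="replace"))
        if lines:
            findings[pth.name] = lines
    return findings


def npm_install_scripts(package_json_text: str) -> Dict[str, str]:
    """Return the lifecycle scripts in package.json that run at install time."""
    scripts = json.loads(package_json_text).get("scripts") or {}
    return {k: v for k, v in scripts.items() if k in NPM_INSTALL_HOOKS}


def _site_dirs() -> List[str]:
    dirs = list(site.getsitepackages()) if hasattr(site, "getsitepackages") else []
    dirs.append(site.getusersitepackages())
    return [d for d in dirs if os.path.isdir(d)]


# --- constructed samples (not the real malicious files) ---
SAMPLE_BENIGN_PTH = "/opt/venv/lib/vendor\n# comment\n"
SAMPLE_HOOK_PTH = (
    "import sys; sys.path.insert(0, '/tmp/x')\n"
    "import os, base64; os.system('echo hooked')\n"   # never executed here
)
SAMPLE_PACKAGE_JSON = json.dumps({
    "name": "example-pkg",
    "version": "2.0.4",
    "scripts": {"postinstall": "node scripts/collect.js", "test": "jest"},
})


def main() -> None:
    print("executable .pth lines in sample:", executable_pth_lines(SAMPLE_HOOK_PTH))
    print("install hooks in sample package.json:", npm_install_scripts(SAMPLE_PACKAGE_JSON))
    for site_dir in _site_dirs():
        for name, lines in scan_site_packages(site_dir).items():
            print(f"{site_dir}/{name}: {lines}")


if __name__ == "__main__":
    main()
```

Review the hits rather than deleting them blindly: setuptools legitimately ships a distutils-precedence.pth that starts with import, so the scanner is a triage aid, and a postinstall script is common in benign packages too; what matters is whether the hooked code reads files such as .env or talks to the network. Installing npm packages with --ignore-scripts and pinning PyPI versions to known-good hashes removes most of this attack surface.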
Critical OpenEMR flaws threaten patient data
AISLE disclosed 38 security vulnerabilities in OpenEMR, the open-source electronic medical records platform used by more than 100,000 providers and serving over 200 million patients in 34 languages. The flaws — now patched — span missing or incorrect authorization checks, cross-site scripting, SQL injection, path traversal, and insufficient session expiration. Two were designated critical (CVE-2026-24908 and CVE-2026-23627). AISLE warned that “in the most severe cases, SQL injection vulnerabilities combined with modest database privileges could have led to full database compromise, PHI exfiltration at scale, and remote code execution on the server.”
Mass-exposed remote access servers and an unpatched RPC weakness
Forescout’s analysis found wide exposure of remote access services: China accounts for 22% of exposed RDP and 70% of exposed VNC servers; the U.S. accounts for 20% and 7%, respectively. Of 91,000 RDP servers mapped to industries, retail, services, and education led RDP exposure; education, services, and healthcare led VNC exposure. Alarmingly, 18% of exposed RDP servers run end-of-life Windows versions, more than 19,000 RDP servers remain vulnerable to BlueKeep (CVE-2019-0708), and nearly 60,000 VNC servers have authentication disabled. More than 670 exposed VNC servers provide direct access to OT/ICS control panels.
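The "authentication disabled" figure comes straight out of the VNC handshake: after exchanging version strings, an RFB 3.7/3.8 server lists the security types it offers, and type 1 ("None") means any client can open the desktop without a password. The checker below is an added example, not Forescout's tooling; the message layout follows RFC 6143, and the sample server messages are constructed so the parsing runs offline. The probe() function performs only the version and security-type exchange against a live host and then disconnects.

```python
"""Check whether a VNC server offers the "None" security type, i.e. accepts
clients without any authentication. Added example, not Forescout's tooling;
field layouts follow RFC 6143 (RFB 3.3/3.7/3.8) and the sample server
messages below are constructed so the parsing runs offline."""
import socket
import struct
from typing import Dict, List, Optional, Tuple

# Security types from the RFB registry (RFC 6143 section 7.1.2 and IANA).
SECURITY_TYPE_NAMES = {1: "None", 2: "VNC Authentication", 16: "Tight",
                       18: "TLS", 19: "VeNCrypt"}


def parse_version(banner: bytes) -> Optional[Tuple[int, int]]:
    """Parse the 12-byte ProtocolVersion message, e.g. b"RFB 003.008\\n"."""
    if len(banner) != 12 or not banner.startswith(b"RFB ") or banner[-1:] != b"\n":
        return None
    try:
        return int(banner[4:7]), int(banner[8:11])
    except ValueError:
        return None


def parse_security_types(msg: bytes, minor: int) -> List[int]:
    """Decode the server's security message. RFB 3.3 sends one U32 type
    (0 = failure); 3.7/3.8 send a U8 count followed by that many U8 types
    (count 0 = failure, followed by a reason string that is ignored here)."""
    if minor < 7:
        (t,) = struct.unpack("!I", msg[:4])
        return [] if t == 0 else [t]
    count = msg[0]
    return list(msg[1:1 + count]) if count else []


def assess(banner: bytes, security_msg: bytes) -> Dict[str, object]:
    """Summarise a server handshake; auth_disabled is True when type 1
    (None) is offered, which lets any client reach the desktop directly."""
    ver = parse_version(banner)
    if ver is None:
        return {"rfb": False}
    types = parse_security_types(security_msg, ver[1])
    return {
        "rfb": True,
        "version": f"{ver[0]}.{ver[1]}",
        "security_types": [SECURITY_TYPE_NAMES.get(t, f"unknown({t})") for t in types],
        "auth_disabled": 1 in types,
    }


def _recv_exact(sock: socket.socket, n: int) -> bytes:
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("server closed the connection mid-handshake")
        buf += chunk
    return buf


def probe(host: str, port: int = 5900, timeout: float = 5.0) -> Dict[str, object]:
    """Live check: read the banner, answer with a client version, then read
    the security-type message. Nothing beyond the handshake is sent."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        banner = _recv_exact(s, 12)
        ver = parse_version(banner)
        if ver is None:
            return {"rfb": False}
        # A client must not claim a version newer than the server's: answer
        # 3.8 when the server supports it, otherwise echo the server banner.
        s.sendall(b"RFB 003.008\n" if ver >= (3, 8) else banner)
        if ver[1] < 7:
            msg = _recv_exact(s, 4)
        else:
            msg = _recv_exact(s, 1)
            if msg[0]:
                msg += _recv_exact(s, msg[0])
        return assess(banner, msg)


# Constructed handshakes: (server banner, server security message).
SAMPLE_NO_AUTH = (b"RFB 003.008\n", b"\x01\x01")           # offers only None
SAMPLE_AUTH = (b"RFB 003.008\n", b"\x02\x02\x13")          # VNC auth, VeNCrypt
SAMPLE_33_NO_AUTH = (b"RFB 003.003\n", b"\x00\x00\x00\x01")

if __name__ == "__main__":
    for sample in (SAMPLE_NO_AUTH, SAMPLE_AUTH, SAMPLE_33_NO_AUTH):
        print(assess(*sample))
```

Two caveats when reading the result. A server that offers None alongside other types is still open, because the client chooses. And a server that offers only VeNCrypt is not necessarily safe: VeNCrypt negotiates a sub-type afterwards, which can itself be an unauthenticated TLS session, and this checker does not follow that second negotiation. Classic VNC Authentication is a DES challenge on a password truncated to eight characters, so even an "authenticated" exposed server should not be reachable from the internet.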
Compounding the risk, Kaspersky disclosed an unpatched local privilege escalation in Windows called PhantomRPC that abuses RPC handling to impersonate services and elevate privileges to SYSTEM. Kaspersky found four exploitation paths. Following responsible disclosure in September 2025, Microsoft “opted to not address the issue” on the grounds that exploitation requires an attacker to first compromise the machine through other means.
What this means for developers, healthcare providers, and consumers
- Developers: Package ecosystems and CI workflows are active attack surfaces — the tanstack npm backdoor and the elementary-data PyPI compromise both used install-time hooks or CI script injection to steal secrets. Developers should treat recent installs from affected versions as compromised and rotate credentials, as advised by StepSecurity and Socket.
- Healthcare providers: Clinics and hospitals running OpenEMR face concrete risk from SQL injection and authorization flaws that could expose PHI or enable remote code execution; AISLE’s assessment underlines that patches are available but must be applied.
- Consumers and platform users: Social and telephony vectors remain dangerous — SMS blasters, next-generation phishing kits such as Saiga 2FA and Phoenix System, and large-scale account theft (more than 610,000 Roblox accounts accessed and sold for $225,000) show attackers mixing technical and social techniques to monetize access.
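The CI script-injection route mentioned for elementary-data has a well-known shape in GitHub Actions: an expression such as ${{ github.event.pull_request.title }} is expanded into a run: step before the shell sees it, so an attacker who controls that text controls the command. The lint below is an added example, not StepSecurity's code and not a claim about the exact workflow that was abused; it scans a workflow for attacker-controlled expressions inside run: steps and ignores the same expressions under env:, which is the fix (the shell reads a variable instead of having the text spliced into the script). The prefix list is an assumed, non-exhaustive set of untrusted contexts, and the sample workflow is constructed.

```python
"""Line-based lint for the GitHub Actions script-injection pattern: an
attacker-controlled expression expanded directly into a run: shell step.
Added example, not StepSecurity's or elementary-data's code; the sample
workflow is constructed and UNTRUSTED_PREFIXES is an assumed, partial list."""
import re
from typing import List, Tuple

# Expression contexts whose value is chosen by an external contributor
# (PR/issue/comment text, branch names, commit messages).
UNTRUSTED_PREFIXES = (
    "github.event.issue.title",
    "github.event.issue.body",
    "github.event.pull_request.title",
    "github.event.pull_request.body",
    "github.event.pull_request.head.ref",
    "github.event.pull_request.head.label",
    "github.event.comment.body",
    "github.event.review.body",
    "github.event.commits",
    "github.event.head_commit.message",
    "github.head_ref",
)
_EXPR = re.compile(r"\$\{\{\s*(.*?)\s*\}\}")
_RUN_KEY = re.compile(r"(-\s+)?run:\s*(.*)$")


def untrusted_expressions(text: str) -> List[str]:
    """Expressions in text that expand attacker-controlled data."""
    return [e for e in _EXPR.findall(text)
            if any(e.startswith(p) for p in UNTRUSTED_PREFIXES)]


def lint_workflow(yaml_text: str) -> List[Tuple[int, str]]:
    """Return (line number, expression) for each untrusted expression that
    is interpolated inside a run: step, including multi-line `run: |`
    blocks. Expressions elsewhere (e.g. under env:) are not reported: the
    shell then reads them from a variable and their content cannot break
    out of the command. Indentation-based, so it assumes well-formed YAML."""
    findings: List[Tuple[int, str]] = []
    in_run, key_indent = False, -1
    for no, line in enumerate(yaml_text.splitlines(), 1):
        stripped = line.lstrip()
        indent = len(line) - len(stripped)
        if in_run and stripped and indent <= key_indent:
            in_run = False                      # left the run: scalar
        if in_run:
            findings += [(no, e) for e in untrusted_expressions(stripped)]
            continue
        m = _RUN_KEY.match(stripped)
        if m:
            in_run = True
            key_indent = indent + (len(m.group(1)) if m.group(1) else 0)
            findings += [(no, e) for e in untrusted_expressions(m.group(2))]
    return findings


# Constructed workflow: one vulnerable step, its hardened form, and a
# vulnerable multi-line block.
SAMPLE_WORKFLOW = """name: greet
on: [pull_request_target]
jobs:
  greet:
    runs-on: ubuntu-latest
    steps:
      - name: vulnerable
        run: echo "Thanks for ${{ github.event.pull_request.title }}"
      - name: hardened
        env:
          TITLE: ${{ github.event.pull_request.title }}
        run: |
          echo "Thanks for $TITLE"
      - name: multi-line vulnerable
        run: |
          echo "Branch: ${{ github.head_ref }}"
          echo done
"""

if __name__ == "__main__":
    for line_no, expr in lint_workflow(SAMPLE_WORKFLOW):
        print(f"line {line_no}: untrusted expression in run: step: {expr}")
```

A clean lint is necessary, not sufficient: a workflow triggered by pull_request_target with a write token can still be abused through checked-out untrusted code, and a publishing job should additionally be restricted to protected branches or tags and require an environment approval, so that a step compromised through its inputs cannot push a signed release on its own.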
Two clear patterns emerge from this week's roundup: attackers increasingly weaponize legitimate tools and services (Komari agents, public package ecosystems, CI workflows, and GitHub Actions), and many of these attacks succeed because basic hygiene is missing: software goes unpatched, remote access is left unauthenticated, and credentials are never rotated. As the bulletin bluntly notes, “having a patch isn't enough if nobody actually installs it.” The remaining question is procedural: which organizations will convert disclosed fixes into immediate, demonstrable remediation before the next automated scan turns an exposed service into a headline.