Tag: supply-chain
-
LiteLLM Hit in Cascading Supply-Chain Attack
Stolen Credentials From Trivy Breach Let Hackers Push Malware to PyPI. Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing developers to credential theft, persistent backdoors and lateral movement tools within hours of publication. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/litellm-hit-in-cascading-supply-chain-attack-a-31210
-
Microsoft Unveils New Guidance to Detect and Defend Against Trivy Supply Chain Attack
Tags: attack, credentials, cve, cyber, malware, microsoft, supply-chain, threat, tool, vulnerabilityAqua Security’s vulnerability scanner, Trivy, suffered a sophisticated CI/CD supply chain compromise. The threat actor, identified as TeamPCP, leveraged prior incomplete remediation to inject credential-stealing malware into official releases. This incident, tracked as CVE-2026-33634, successfully weaponized a trusted security tool against the organizations relying on it to stay safe. This visualizes the attack propagation timeline…
-
Your facilities run on fragile supply chains and nobody wants to admit it
In this Help Net Security interview, Christa Dodoo, Global Chair at IFMA, discusses how facility managers are managing supply chain risk in critical building systems. She … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/26/christa-dodoo-ifma-facility-resilience-risk/
-
What the UK Cyber Security Resilience Bill Means for Security Practitioners
Tags: cloud, compliance, cyber, data, detection, finance, framework, incident response, msp, network, nis-2, regulation, resilience, risk, saas, service, supply-chainThe UK Cyber Security & Resilience Bill is progressing through Parliament Royal Assent expected later in 2026. The UK’s Cyber Security and Resilience Bill is working its way through Parliament, and if you haven’t started paying serious attention yet, now is the time. Introduced to the House of Commons in November 2025, the Bill represents…
-
AI supply chain attacks don’t even require malware”¦just post poisoned documentation
A proof-of-concept attack on Context Hub suggests there’s not much content santization First seen on theregister.com Jump to article: www.theregister.com/2026/03/25/ai_agents_supply_chain_attack_context_hub/
-
AI supply chain attacks don’t even require malware”¦just post poisoned documentation
A proof-of-concept attack on Context Hub suggests there’s not much content santization First seen on theregister.com Jump to article: www.theregister.com/2026/03/25/ai_agents_supply_chain_attack_context_hub/
-
How GitGuardian Enables Rapid Response to the LiteLLM Supply Chain Attack
Learn how to detect compromise, assess your exposure to the LiteLLM supply chain attack, and use GitGuardian to orchestrate rapid incident response and secret remediation. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/how-gitguardian-enables-rapid-response-to-the-litellm-supply-chain-attack/
-
Supply chain attack hits widely-used AI package, risks impacting thousands of companies
The incident highlights growing concerns over the security of the open-source software supply chain, where widely-used tools maintained by small teams can provide a gateway into thousands of organizations if compromised. First seen on therecord.media Jump to article: therecord.media/supply-chain-attack-hits-widely-used-ai-package
-
NetRise Launches Provenance to Map Who Is Behind Open Source Components and How Risk Spreads
NetRise launched NetRise Provenance on March 24 at RSAC 2026, a new product that adds contributor-level visibility to software supply chain analysis. Where most supply chain tools stop at identifying components and vulnerabilities, Provenance goes a layer deeper: mapping which humans and organizations are behind the open source packages inside enterprise software and connected devices,..…
-
Paid AI Accounts Are Now a Hot Underground Commodity
AI accounts are becoming part of the cybercrime supply chain, sold like email accounts or VPS access. Flare Systems shows how underground markets bundle and resell premium AI access at scale. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/paid-ai-accounts-are-now-a-hot-underground-commodity/
-
Trivy supply chain breach compromises over 1,000 SaaS environments, Lapsus$ joins the extortion wave
Tags: access, breach, business, ceo, control, credentials, extortion, github, incident response, Internet, malicious, mandiant, open-source, saas, software, supply-chain, theft, updateA pattern of persistent access: This is the second compromise affecting the Trivy ecosystem within roughly a month. Socket identified compromised Aqua Trivy VS Code extension releases on OpenVSX in late February, and now trivy-action, Trivy’s official GitHub Action for running scans in CI/CD workflows, has been abused through manipulated version tags to distribute malicious…
-
PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials
Tags: access, advisory, api, attack, cloud, container, credentials, data, exploit, extortion, github, group, infrastructure, malicious, malware, open-source, pypi, supply-chain, tactics, tool, vulnerabilityAn expanding supply-chain campaign: The LiteLLM incident has been confirmed to be a part of the rapidly unfolding TeamPCP supply chain campaign that first compromised Trivy.Trivy, developed by Aqua Security, is a widely used open-source vulnerability scanner designed to identify security issues in container images, file systems, and infrastructure-as-code (IaC) configurations. The ongoing attack, attributed…
-
LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks
A slew of supply chain attacks against popular open source tools and packages appears to have been orchestrated by TeamPCP, a cybercriminal group that rose to prominence in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/25/teampcp-supply-chain-attacks/
-
LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks
A slew of supply chain attacks against popular open source tools and packages appears to have been orchestrated by TeamPCP, a cybercriminal group that rose to prominence in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/25/teampcp-supply-chain-attacks/
-
US targets foreign-made routers as security concerns rise, but experts warn risks go further
The US Federal Communications Commission (FCC) has expanded its “Covered List” to include certain foreign-made consumer routers, a move that will block new models from receiving equipment authorisation and prevent them from being imported or sold in the United States. The decision reflects growing concern around supply chain security and the potential for foreign state…
-
GoHarbor Issues Urgent Patch for Harbor Flaw Allowing Full Registry Compromise
A critical security flaw in GoHarbor’s Harbor container registry exposes organizations to severe supply chain attacks. Tracked as CVE-2026-4404, this vulnerability stems from hardcoded default credentials that remain active unless manually altered by an administrator. Harbor functions as an open-source, OCI-compliant registry project designed to store, sign, and manage container images. Because it plays a…
-
TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise
Python package LiteLLM compromised with credential-stealing malware linked to TeamPCP threat group First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/teampcp-litellm-pypi-supply-chain/
-
TeamPCP Hits Trivy, Checkmarx, and LiteLLM in Credential Theft Campaign
Hackers compromised Trivy, Checkmarx, and LiteLLM in a supply chain attack, stealing cloud credentials, tokens, and crypto wallet data from developers. First seen on hackread.com Jump to article: hackread.com/teampcp-trivy-checkmarx-litellm-credential-theft/
-
ClawHub Vulnerability Lets Attackers Manipulate Rankings to Become Top Skill
Silverfort researchers recently uncovered a critical security flaw in ClawHub, the main public registry for the OpenClaw agent ecosystem. This vulnerability allowed attackers to artificially boost download numbers, pushing malicious code to the top of the search results. This created a massive supply chain risk that could allow threat actors to run dangerous code on…
-
Malicious LiteLLM versions linked to TeamPCP supply chain attack
TeamPCP backdoored LiteLLM v1.82.71.82.8, likely via Trivy CI/CD, adding tools to steal credentials, move in Kubernetes, and keep persistent access. Threat actor TeamPCP compromised LiteLLM versions 1.82.7 and 1.82.8, likely through a Trivy CI/CD breach. LiteLLM, with over 95 million monthly downloads, helps developers route LLM requests via a single API. The malicious releases, now…
-
Malicious LiteLLM versions linked to TeamPCP supply chain attack
TeamPCP backdoored LiteLLM v1.82.71.82.8, likely via Trivy CI/CD, adding tools to steal credentials, move in Kubernetes, and keep persistent access. Threat actor TeamPCP compromised LiteLLM versions 1.82.7 and 1.82.8, likely through a Trivy CI/CD breach. LiteLLM, with over 95 million monthly downloads, helps developers route LLM requests via a single API. The malicious releases, now…
-
FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns
The U.S. Federal Communications Commission (FCC) said on Monday that it was banning the import of new, foreign-made consumer routers, citing “unacceptable” risks to cyber and national security.The action was designed to safeguard Americans and the underlying communications networks the country relies on, FCC Chairman Brendan Carr said in a post on X. The development…
-
FCC Blocks New Foreign Consumer Router Models Citing Serious Security Risks
On March 23, 2026, the Federal Communications Commission (FCC) officially updated its Covered List to ban all new consumer-grade routers produced in foreign countries from receiving equipment authorisation. This regulatory action, driven by a White House-convened Executive Branch interagency determination, aims to mitigate severe cybersecurity risks and supply chain vulnerabilities threatening U.S. critical infrastructure. The…
-
Compromised LiteLLM Package With 95M Downloads Tied to TeamPCP, After Trivy KICS Hacks
Security researchers discovered that the popular Python library litellm was compromised on PyPI. With over 95 million monthly downloads, this open-source tool helps developers route requests across various LLM providers through a single API. The threat actor, identified as TeamPCP, injected malicious code into versions 1.82.7 and 1.82.8. This devastating supply chain attack directly follows the group’s…
-
Compromised LiteLLM Package With 95M Downloads Tied to TeamPCP, After Trivy KICS Hacks
Security researchers discovered that the popular Python library litellm was compromised on PyPI. With over 95 million monthly downloads, this open-source tool helps developers route requests across various LLM providers through a single API. The threat actor, identified as TeamPCP, injected malicious code into versions 1.82.7 and 1.82.8. This devastating supply chain attack directly follows the group’s…
-
Aqua Security’s Trivy Scanner Hit by Supply Chain Attack, Threatening Software Integrity
Tags: attack, cyber, github, malicious, open-source, risk, software, supply-chain, threat, vulnerabilityA sophisticated supply chain attack compromised Aqua Security’s popular open-source Trivy vulnerability scanner. Threat actors successfully distributed malicious code through the project’s GitHub Actions, targeting deployment pipelines to silently exfiltrate sensitive credentials. While Aqua’s commercial products remain completely unaffected, the incident highlights the severe risks of using mutable version tags in deployment automation. The attack…
-
Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens
The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular “LiteLLM” Python package on PyPI and claiming to have stolen data from hundreds of thousands of devices during the attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/popular-litellm-pypi-package-compromised-in-teampcp-supply-chain-attack/
-
Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens
The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular “LiteLLM” Python package on PyPI and claiming to have stolen data from hundreds of thousands of devices during the attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/popular-litellm-pypi-package-compromised-in-teampcp-supply-chain-attack/
-
Checkmarx KICS Code Scanner Targeted in Widening Supply Chain Hit
TeamPCP is the likely cyber threat actor behind attacks on Trivy, Checkmarx’s KICS and VS Code plug-ins, and the LiteLLM AI library, and all signs point to more attacks to come. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/checkmarx-kics-code-scanner-widening-supply-chain