Tag: supply-chain
-
The external pressures redefining cybersecurity risk
Tags: access, ai, attack, breach, business, ciso, control, cyber, cyberattack, cybersecurity, data, deep-fake, defense, email, governance, guide, incident response, injection, network, nist, resilience, risk, risk-management, supply-chain, technology, threat, toolAI is accelerating both the attackers and your defenses, but governance is often missing : What I see generative AI doing in cybersecurity is accelerating what attackers can do and lowering the cost of entry for new criminal gangs. Cyberattacks are more potent because the technology makes it easier to target victims, create deepfake videos or…
-
Axios Supply Chain Attack Exposes Developers to Hidden Malware
The Axios supply chain attack that surfaced on March 31, 2026, has raised serious concerns across the JavaScript ecosystem, exposing how a compromised npm Account can be leveraged to distribute malware at scale. The incident involved poisoned releases of the widely used HTTP client library Axios, where attackers exploited a hijacked Axios maintainer account to silently introduce a cross-platform remote access trojan (RAT). First…
-
National Cyber Resilience Demands Unified Defense
UK NCSC’s Richard Horne on Strengthening Cyber Defense and Incident Response. Cyber risk is rising as digital dependence grows and threat actors expand. NCSC CEO Richard Horne outlines why leaders must treat cybersecurity as mission-critical, strengthen their resilience, and align defense efforts to counter ransomware, AI-driven threats, and supply chain attacks. First seen on govinfosecurity.com…
-
Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account
The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the npm package introduced a malicious dependency.Versions 1.14.1 and 0.30.4 of Axios have been found to inject “plain-crypto-js” version 4.2.1 as a fake dependency.According to StepSecurity, the two versions were published using the compromised npm credentials…
-
TeamPCP’s attack spree slows, but threat escalates with ransomware pivot
TeamPCP’s destructive run of supply chain breaches has stopped, for now: it has been three days since the group published malicious versions of Telnyx’s SDK on PyPI, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/30/teampcp-supply-chain-attacks-ransomware/
-
BSidesSLC 2025 A New XZ Every Day Paul Novarese On The Collapse Of OSS Supply Chain Security
Tags: supply-chainAuthor, Creator & Presenter: Paul Novarese – Principal Solutions Engineer At Hunted Labs Our thanks to BSidesSLC for publishing their Creators, Authors and Presenter’s outstanding BSidesSLC 2025 content on the Organizations’ YouTube Channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/bsidesslc-2025-a-new-xz-every-day-paul-novarese-on-the-collapse-of-oss-supply-chain-security/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 90
Tags: attack, browser, chrome, cyber, docker, government, international, iran, malware, software, supply-chainSecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape New Malware Targets Users of Cobra DocGuard Software Government of Iran Cyber Actors Deploy Telegram C2 to Push Malware to Identified Targets Trivy Supply Chain Attack Expands to Compromised Docker Images VoidStealer: Debugging Chrome to Steal…
-
LiteLLM Supply Chain Attack Exposes Credentials Across AI Ecosystems
A backdoored LiteLLM package enabled credential theft and persistence, exposing software supply chain risks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/litellm-supply-chain-attack-exposes-credentials-across-ai-ecosystems/
-
Attackers exploit critical Langflow RCE within hours as CISA sounds alarm
Tags: access, advisory, ai, api, attack, cisa, cloud, credentials, cve, cvss, data, data-breach, detection, endpoint, exploit, flaw, framework, github, infrastructure, injection, kev, malicious, monitoring, nvd, open-source, rce, remote-code-execution, software, supply-chain, threat, update, vulnerability, windowscredentials, was weaponized within 20 hours of the open-source AI-pipeline tool disclosing it.According to a Sysdig report, crooks started hitting a fleet of honeypot nodes with vulnerable instances across multiple cloud providers and regions right after they went live. Sysdig observed four such attempts within hours of deployment, with one attacker progressing to environment variable exfiltration.”This is…
-
Attackers exploit critical Langflow RCE within hours as CISA sounds alarm
Tags: access, advisory, ai, api, attack, cisa, cloud, credentials, cve, cvss, data, data-breach, detection, endpoint, exploit, flaw, framework, github, infrastructure, injection, kev, malicious, monitoring, nvd, open-source, rce, remote-code-execution, software, supply-chain, threat, update, vulnerability, windowscredentials, was weaponized within 20 hours of the open-source AI-pipeline tool disclosing it.According to a Sysdig report, crooks started hitting a fleet of honeypot nodes with vulnerable instances across multiple cloud providers and regions right after they went live. Sysdig observed four such attempts within hours of deployment, with one attacker progressing to environment variable exfiltration.”This is…
-
TeamPCP strikes again: Backdoored Telnyx PyPI package delivers malware
TeamPCP continues is supply chain compromise rampage, with telnyx on PyPI being the latest maliciously modified package. What happened? Telnyx is a widely used software … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/27/teampcp-telnyx-supply-chain-compromise/
-
CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation
Tags: cisa, cve, cybersecurity, exploit, infrastructure, kev, rce, remote-code-execution, supply-chain, vulnerabilityThe US Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2026-33017, a recently … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/27/cve-2026-33017-cve-2026-33634-exploited/
-
TeamPCP Hackers Focus on AI Developers, Planting Malicious Code to Disrupt Projects
Tags: ai, attack, credentials, cyber, exploit, group, hacker, intelligence, malicious, security-incident, supply-chain, threat, toolThe FBI Cyber Division has issued a critical alert following a massive supply chain attack orchestrated by the threat actor group TeamPCP. The hackers successfully compromised two widely used developer tools, creating a cascading security incident for organizations building artificial intelligence software. By exploiting weak credential management and leveraging AI-assisted coding, the group distributed malicious…
-
TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files
TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing two malicious versions to steal sensitive data.The two versions, 4.87.1 and 4.87.2, published to the Python Package Index (PyPI) repository on March 27, 2026, concealed their credential harvesting capabilities within a .WAV…
-
TeamPCP Targets Telnyx Package in Latest PyPI Software Supply Chain Attack
Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/teampcp-targets-telnyx-pypi-package/
-
Erpressungen erwartet: Hacker wollen riesige Supply-Chain-Attacke zu Geld machen
Nach verheerenden Attacken auf Trivy, LiteLLM und andere Tools will TeamPCP massenhaft eingesammelte Zugangsdaten für Ransomware-Angriffe einsetzen. First seen on golem.de Jump to article: www.golem.de/news/erpressungen-erwartet-hacker-wollen-riesige-supply-chain-attacke-zu-geld-machen-2603-206984.html
-
LiteLLM Hit in Cascading Supply-Chain Attack
Stolen Credentials From Trivy Breach Let Hackers Push Malware to PyPI. Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing developers to credential theft, persistent backdoors and lateral movement tools within hours of publication. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/litellm-hit-in-cascading-supply-chain-attack-a-31210
-
Microsoft Unveils New Guidance to Detect and Defend Against Trivy Supply Chain Attack
Tags: attack, credentials, cve, cyber, malware, microsoft, supply-chain, threat, tool, vulnerabilityAqua Security’s vulnerability scanner, Trivy, suffered a sophisticated CI/CD supply chain compromise. The threat actor, identified as TeamPCP, leveraged prior incomplete remediation to inject credential-stealing malware into official releases. This incident, tracked as CVE-2026-33634, successfully weaponized a trusted security tool against the organizations relying on it to stay safe. This visualizes the attack propagation timeline…
-
Your facilities run on fragile supply chains and nobody wants to admit it
In this Help Net Security interview, Christa Dodoo, Global Chair at IFMA, discusses how facility managers are managing supply chain risk in critical building systems. She … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/26/christa-dodoo-ifma-facility-resilience-risk/
-
What the UK Cyber Security Resilience Bill Means for Security Practitioners
Tags: cloud, compliance, cyber, data, detection, finance, framework, incident response, msp, network, nis-2, regulation, resilience, risk, saas, service, supply-chainThe UK Cyber Security & Resilience Bill is progressing through Parliament Royal Assent expected later in 2026. The UK’s Cyber Security and Resilience Bill is working its way through Parliament, and if you haven’t started paying serious attention yet, now is the time. Introduced to the House of Commons in November 2025, the Bill represents…
-
AI supply chain attacks don’t even require malware”¦just post poisoned documentation
A proof-of-concept attack on Context Hub suggests there’s not much content santization First seen on theregister.com Jump to article: www.theregister.com/2026/03/25/ai_agents_supply_chain_attack_context_hub/
-
AI supply chain attacks don’t even require malware”¦just post poisoned documentation
A proof-of-concept attack on Context Hub suggests there’s not much content santization First seen on theregister.com Jump to article: www.theregister.com/2026/03/25/ai_agents_supply_chain_attack_context_hub/
-
How GitGuardian Enables Rapid Response to the LiteLLM Supply Chain Attack
Learn how to detect compromise, assess your exposure to the LiteLLM supply chain attack, and use GitGuardian to orchestrate rapid incident response and secret remediation. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/how-gitguardian-enables-rapid-response-to-the-litellm-supply-chain-attack/
-
Supply chain attack hits widely-used AI package, risks impacting thousands of companies
The incident highlights growing concerns over the security of the open-source software supply chain, where widely-used tools maintained by small teams can provide a gateway into thousands of organizations if compromised. First seen on therecord.media Jump to article: therecord.media/supply-chain-attack-hits-widely-used-ai-package
-
NetRise Launches Provenance to Map Who Is Behind Open Source Components and How Risk Spreads
NetRise launched NetRise Provenance on March 24 at RSAC 2026, a new product that adds contributor-level visibility to software supply chain analysis. Where most supply chain tools stop at identifying components and vulnerabilities, Provenance goes a layer deeper: mapping which humans and organizations are behind the open source packages inside enterprise software and connected devices,..…
-
Paid AI Accounts Are Now a Hot Underground Commodity
AI accounts are becoming part of the cybercrime supply chain, sold like email accounts or VPS access. Flare Systems shows how underground markets bundle and resell premium AI access at scale. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/paid-ai-accounts-are-now-a-hot-underground-commodity/
-
Trivy supply chain breach compromises over 1,000 SaaS environments, Lapsus$ joins the extortion wave
Tags: access, breach, business, ceo, control, credentials, extortion, github, incident response, Internet, malicious, mandiant, open-source, saas, software, supply-chain, theft, updateA pattern of persistent access: This is the second compromise affecting the Trivy ecosystem within roughly a month. Socket identified compromised Aqua Trivy VS Code extension releases on OpenVSX in late February, and now trivy-action, Trivy’s official GitHub Action for running scans in CI/CD workflows, has been abused through manipulated version tags to distribute malicious…
-
PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials
Tags: access, advisory, api, attack, cloud, container, credentials, data, exploit, extortion, github, group, infrastructure, malicious, malware, open-source, pypi, supply-chain, tactics, tool, vulnerabilityAn expanding supply-chain campaign: The LiteLLM incident has been confirmed to be a part of the rapidly unfolding TeamPCP supply chain campaign that first compromised Trivy.Trivy, developed by Aqua Security, is a widely used open-source vulnerability scanner designed to identify security issues in container images, file systems, and infrastructure-as-code (IaC) configurations. The ongoing attack, attributed…