Tag: supply-chain
-
LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks
A slew of supply chain attacks against popular open source tools and packages appears to have been orchestrated by TeamPCP, a cybercriminal group that rose to prominence in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/25/teampcp-supply-chain-attacks/
-
LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks
A slew of supply chain attacks against popular open source tools and packages appears to have been orchestrated by TeamPCP, a cybercriminal group that rose to prominence in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/25/teampcp-supply-chain-attacks/
-
US targets foreign-made routers as security concerns rise, but experts warn risks go further
The US Federal Communications Commission (FCC) has expanded its “Covered List” to include certain foreign-made consumer routers, a move that will block new models from receiving equipment authorisation and prevent them from being imported or sold in the United States. The decision reflects growing concern around supply chain security and the potential for foreign state…
-
GoHarbor Issues Urgent Patch for Harbor Flaw Allowing Full Registry Compromise
A critical security flaw in GoHarbor’s Harbor container registry exposes organizations to severe supply chain attacks. Tracked as CVE-2026-4404, this vulnerability stems from hardcoded default credentials that remain active unless manually altered by an administrator. Harbor functions as an open-source, OCI-compliant registry project designed to store, sign, and manage container images. Because it plays a…
-
TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise
Python package LiteLLM compromised with credential-stealing malware linked to TeamPCP threat group First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/teampcp-litellm-pypi-supply-chain/
-
TeamPCP Hits Trivy, Checkmarx, and LiteLLM in Credential Theft Campaign
Hackers compromised Trivy, Checkmarx, and LiteLLM in a supply chain attack, stealing cloud credentials, tokens, and crypto wallet data from developers. First seen on hackread.com Jump to article: hackread.com/teampcp-trivy-checkmarx-litellm-credential-theft/
-
ClawHub Vulnerability Lets Attackers Manipulate Rankings to Become Top Skill
Silverfort researchers recently uncovered a critical security flaw in ClawHub, the main public registry for the OpenClaw agent ecosystem. This vulnerability allowed attackers to artificially boost download numbers, pushing malicious code to the top of the search results. This created a massive supply chain risk that could allow threat actors to run dangerous code on…
-
Malicious LiteLLM versions linked to TeamPCP supply chain attack
TeamPCP backdoored LiteLLM v1.82.71.82.8, likely via Trivy CI/CD, adding tools to steal credentials, move in Kubernetes, and keep persistent access. Threat actor TeamPCP compromised LiteLLM versions 1.82.7 and 1.82.8, likely through a Trivy CI/CD breach. LiteLLM, with over 95 million monthly downloads, helps developers route LLM requests via a single API. The malicious releases, now…
-
Malicious LiteLLM versions linked to TeamPCP supply chain attack
TeamPCP backdoored LiteLLM v1.82.71.82.8, likely via Trivy CI/CD, adding tools to steal credentials, move in Kubernetes, and keep persistent access. Threat actor TeamPCP compromised LiteLLM versions 1.82.7 and 1.82.8, likely through a Trivy CI/CD breach. LiteLLM, with over 95 million monthly downloads, helps developers route LLM requests via a single API. The malicious releases, now…
-
FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns
The U.S. Federal Communications Commission (FCC) said on Monday that it was banning the import of new, foreign-made consumer routers, citing “unacceptable” risks to cyber and national security.The action was designed to safeguard Americans and the underlying communications networks the country relies on, FCC Chairman Brendan Carr said in a post on X. The development…
-
FCC Blocks New Foreign Consumer Router Models Citing Serious Security Risks
On March 23, 2026, the Federal Communications Commission (FCC) officially updated its Covered List to ban all new consumer-grade routers produced in foreign countries from receiving equipment authorisation. This regulatory action, driven by a White House-convened Executive Branch interagency determination, aims to mitigate severe cybersecurity risks and supply chain vulnerabilities threatening U.S. critical infrastructure. The…
-
Compromised LiteLLM Package With 95M Downloads Tied to TeamPCP, After Trivy KICS Hacks
Security researchers discovered that the popular Python library litellm was compromised on PyPI. With over 95 million monthly downloads, this open-source tool helps developers route requests across various LLM providers through a single API. The threat actor, identified as TeamPCP, injected malicious code into versions 1.82.7 and 1.82.8. This devastating supply chain attack directly follows the group’s…
-
Compromised LiteLLM Package With 95M Downloads Tied to TeamPCP, After Trivy KICS Hacks
Security researchers discovered that the popular Python library litellm was compromised on PyPI. With over 95 million monthly downloads, this open-source tool helps developers route requests across various LLM providers through a single API. The threat actor, identified as TeamPCP, injected malicious code into versions 1.82.7 and 1.82.8. This devastating supply chain attack directly follows the group’s…
-
Aqua Security’s Trivy Scanner Hit by Supply Chain Attack, Threatening Software Integrity
Tags: attack, cyber, github, malicious, open-source, risk, software, supply-chain, threat, vulnerabilityA sophisticated supply chain attack compromised Aqua Security’s popular open-source Trivy vulnerability scanner. Threat actors successfully distributed malicious code through the project’s GitHub Actions, targeting deployment pipelines to silently exfiltrate sensitive credentials. While Aqua’s commercial products remain completely unaffected, the incident highlights the severe risks of using mutable version tags in deployment automation. The attack…
-
Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens
The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular “LiteLLM” Python package on PyPI and claiming to have stolen data from hundreds of thousands of devices during the attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/popular-litellm-pypi-package-compromised-in-teampcp-supply-chain-attack/
-
Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens
The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular “LiteLLM” Python package on PyPI and claiming to have stolen data from hundreds of thousands of devices during the attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/popular-litellm-pypi-package-compromised-in-teampcp-supply-chain-attack/
-
Checkmarx KICS Code Scanner Targeted in Widening Supply Chain Hit
TeamPCP is the likely cyber threat actor behind attacks on Trivy, Checkmarx’s KICS and VS Code plug-ins, and the LiteLLM AI library, and all signs point to more attacks to come. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/checkmarx-kics-code-scanner-widening-supply-chain
-
US Bans New Foreign-Made Routers, Citing ‘Unacceptable’ Security Risks
The FCC bans new foreign-made routers over national security risks, a move that could reshape the US tech supply chain and impact pricing and availability. The post US Bans New Foreign-Made Routers, Citing ‘Unacceptable’ Security Risks appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-fcc-bans-foreign-made-routers-national-security/
-
The Trivy Supply Chain Compromise: What Happened and Playbooks to Respond
Tags: supply-chain<div cla The Trivy Supply Chain Compromise: What Happened and Playbooks to Respond First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/the-trivy-supply-chain-compromise-what-happened-and-playbooks-to-respond/
-
US FCC Targets Foreign Routers in Supply-Chain Crackdown
New Rule Blocks Approval of Foreign Routers Without Federal Clearance. The FCC acted on a White House security determination and announced a block on new foreign-made routers from entering U.S. markets – unless vendors meet strict national security reviews, citing their role in state-linked cyber campaigns and risks to U.S. network edge infrastructure. First seen…
-
Understanding Wiz’s Approach to Securing the AI Supply Chain
As organizations race to deploy AI, securing the rapidly expanding ecosystem of models, data, and dependencies has become a critical priority, much of which can be addressed by Wiz’s CNAPP solution. First seen on hackread.com Jump to article: hackread.com/understanding-wizs-approach-securing-ai-supply-chain/
-
Critics call FCC router rule a ‘big swing’ that could create more supply chain uncertainty
The choice to ban all foreign-made routers instead of targeting known risks could create legal and supply chain disruptions with unclear national security returns. First seen on cyberscoop.com Jump to article: cyberscoop.com/fcc-bans-foreign-routers-critics-warn-about-supply-chain/
-
Introducing the Identity and Access Gaps in the Age of Autonomous AI Survey Report
2 min readThe Trivy incident exposed a credential architecture failure, not just a supply chain one. Here’s the case for workload identity and access. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/introducing-the-identity-and-access-gaps-in-the-age-of-autonomous-ai-survey-report/
-
Trivy’s March Supply Chain Attack Shows Where Secret Exposure Hurts Most
The Trivy story is moving quickly, and the latest reporting makes one thing clear: this is no longer just a GitHub Actions tag hijack. What started as a compromise of trivy-action, setup-trivy, and the v0.69.4 release has expanded into malicious Docker Hub images. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/trivys-march-supply-chain-attack-shows-where-secret-exposure-hurts-most/
-
TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials
Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor known as TeamPCP, the cloud-native cybercriminal operation also behind the Trivy supply chain attack.The workflows, both maintained by the supply chain security company Checkmarx, are listed below -checkmarx/ast-github-actioncheckmarx/kics-github-actionCloud security First seen on thehackernews.com Jump to article:…
-
NSFOCUS Threat Intelligence: Building an OpenClaw Defense System with Multiple-Layer Protection
In 2026, AI agents are being widely used. OpenClaw has become a high-frequency efficiency improvement tool for enterprises and developers with its autonomous decision-making and local execution capabilities. However, several authoritative security agencies have recently issued warnings: OpenClaw is facing multi-dimensional security threats from supply chain poisoning to remote control. When internal employees privately deploy…The…
-
Microsoft Unveils New GenAI Security Protections in Azure AI Foundry
Microsoft has outlined a new set of security safeguards designed to protect generative AI models hosted on Azure AI Foundry, as organizations increasingly adopt advanced AI systems into critical workflows. The move comes amid rapid growth in generative AI capabilities, where new models are released frequently, raising concerns about trust, data security, and supply chain…
-
New CanisterWorm Targets Kubernetes Clusters, Deploys “Kamikaze” Wiper
CanisterWorm spreads via npm supply chain attack, hijacks developer accounts, targets Kubernetes clusters, and deploys destructive Kamikaze wiper payload. First seen on hackread.com Jump to article: hackread.com/canisterworm-kubernetes-clusters-kamikaze-wiper/
-
Trivy Supply Chain Attack Targets CI/CD Secrets
A threat actor used the open source security tool to deploy an infostealer into CI/CD workflows and steal cloud credentials, SSH keys, tokens, and other sensitive secrets. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/trivy-supply-chain-attack-targets-ci-cd-secrets
-
The Trivy Compromise: The Fallacy of Secrets Management and the Case for Workload Identity
6 min readThe Trivy incident exposed a credential architecture failure, not just a supply chain one. Here’s the case for workload identity and access. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/the-trivy-compromise-the-fallacy-of-secrets-management-and-the-case-for-workload-identity/