TeamPCP Breaches Cloud, SaaS Instances With Stolen Credentials Summary TeamPCP weaponised supply-chain compromises of open-source projects (Trivy, KICS, LiteLLM and Telnyx) to deploy infostealer malware and harvest credentials, API keys,…
Google links axios supply chain attack to North Korean group Summary Google Threat Intelligence Group (GTIG) and other researchers have attributed a recent supply chain compromise of the hugely popular…
Don’t open that WhatsApp message, Microsoft warns Summary Microsoft has flagged an ongoing multi-stage campaign that begins with malicious WhatsApp messages delivering Visual Basic Script (VBS) files. Once a recipient…
F5 BIG-IP Vulnerability Reclassified as RCE, Under Exploitation Summary F5 has reclassified CVE-2025-53521 — first disclosed in October as a high-severity denial-of-service issue — as a remote code execution (RCE)…
CISA tells federal agencies to patch Citrix NetScaler bug by Thursday Summary The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch CVE-2026-3055 by Thursday after incident…
Pro-Russian hackers pose as Ukraine’s cyber agency to target government, businesses Summary A pro-Russian hacking group impersonated Ukraine’s national computer emergency response team (CERT-UA) in a phishing campaign that targeted…
Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines Summary One of npm’s most-used HTTP clients, Axios, was briefly compromised when attackers hijacked a maintainer’s…
F5 BIG-IP Vulnerability Reclassified as RCE, Under Exploitation Summary F5 has re-categorised CVE-2025-53521 — originally disclosed in October as a high-severity denial-of-service issue — as a remote code execution (RCE)…
Telnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach Summary Researchers from Ox Security say the threat group TeamPCP — linked to the recent Trivy supply-chain compromise…
Citrix NetScaler bug exploited in days, may be multiple flaws in a trench coat Summary Researchers warn that a critical Citrix NetScaler vulnerability (CVE-2026-3055) is being exploited in the wild…
