Supply Chains
1K+ cloud environments infected via Trivy attack • The Register - “That 1,000-plus downstream victims will probably expand into another 500, another 1,000, maybe another 10,000,” he continued. “And we know that these actors are collaborating with a number of other actors right now.”
LiteLLM infected with credential-stealing code via Trivy • The Register - Two versions of LiteLLM, an open source interface for accessing multiple large language models, have been removed from the Python Package Index (PyPI) following a supply chain attack that injected them with malicious credential-stealing code.
TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials - “This suggests that the stolen credentials from the Trivy compromise were used to poison additional actions in affected repositories,” Sysdig said.
TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files - The two versions, 4.87.1 and 4.87.2, published to the Python Package Index (PyPI) repository on March 27, 2026, concealed their credential harvesting capabilities within a .WAV file. Users are recommended to downgrade to version 4.87.0 immediately. The PyPI project is currently quarantined.
Top npm package backdoored to drop dirty RAT on dev machines • The Register - The poisoned versions, “axios@1.14.1” and “axios@0.30.4,” made it onto the npm registry before being yanked, though not before some unlucky devs and CI pipelines pulled them in. Rather than tampering with axios’s own code, the intruders took a subtler route, slipping in a dependency that had no business being there and no role in the library’s functionality.
Security boffins harvest bumper crop of API keys from web • The Register - The researchers scanned approximately 10 million websites using a tool called TruffleHog, and found 1,748 valid credentials belonging to organizations including multinational corporations, critical infrastructure entities, and government agencies. The keys provide access to services like AWS, GitHub, Stripe, and OpenAI.
AI
OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability - “A single malicious prompt could turn an otherwise ordinary conversation into a covert exfiltration channel, leaking user messages, uploaded files, and other sensitive content,” the cybersecurity company said in a report published today. “A backdoored GPT could abuse the same weakness to obtain access to user data without the user’s awareness or consent.”
Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website - The flaw “allowed any website to silently inject prompts into that assistant as if the user wrote them,” Koi Security researcher Oren Yomtov said in a report shared with The Hacker News. “No clicks, no permission prompts. Just visit a page, and an attacker completely controls your browser.”
Global Order
Indian government probes CCTV espionage linked to Pakistan • The Register - This story begins on March 14th, when police in Ghaziabad – a city adjacent to India’s capital Delhi – announced they had arrested suspects after finding CCTV cameras aimed at railway stations and other infrastructure. The solar-powered cameras streamed video over cellular networks – perhaps using accounts tied to stolen SIM cards – to viewers in Pakistan.
European Commission investigating breach after Amazon cloud account hack - While the Commission has yet to share any details about this breach, the threat actor who claimed responsibility for the attack reached out to BleepingComputer earlier this week, stating that they had stolen over 350 GB of data (including multiple databases).
FBI confirms hack of Director Patel’s personal email inbox - “All personal and confidential information of Kash Patel, including emails, conversations, documents, and even classified files, is now available for public download,” the Handala hackers said before publishing proof of the breach.
Iran’s hackers are on the offensive against the US and Israel - Ars Technica - Good general explanation of how Iran has acted in the last few months and their capabilities.
Errata
US router ban is ‘industrial policy’ not better infosec • The Register - Mueller notes that the Federal Communications Commission (FCC) justified its ban with two arguments, one of which refers to CISA and FBI analysis that found attackers targeted SOHO routers to build a botnet that hid the Volt Typhoon and Salt Typhoon intrusions. The other argument relied on a Department of Commerce study that Mueller summarized as finding “the concentration of 85 percent of the consumer router supply chain in China creates a ‘systemic vulnerability’ where a single firmware update could be weaponized to disable U.S. home internet access.”
Crunchyroll probes breach after hacker claims to steal 6.8M users’ data - Popular anime streaming platform Crunchyroll is investigating a breach after hackers claimed to have stolen personal information for approximately 6.8 million people….This support agent is allegedly an employee of the Telus International business process outsourcing (BPO) company, who has access to Crunchyroll support tickets. The threat actors claimed to have used malware to infect the agent’s computer and gain access to their credentials.
Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR - “The campaign abuses Google Ads to serve rogue ScreenConnect (ConnectWise Control) installers, ultimately delivering a BYOVD EDR killer that drops a kernel driver to blind security tools before further compromise,” Huntress researcher Anna Pham said in a report published last week.
Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits - Multiple threat actors of varied motivations have been found to leverage these kits over the past year to deliver malicious payloads when unsuspecting users visit a compromised website. While Coruna targets iOS versions between 13.0 and 17.2.1, DarkSword is designed to target iPhones running iOS versions between 18.4 and 18.7.
Microsoft Azure Monitor alerts abused for callback phishing attacks - Over the past month, numerous people have reported receiving Azure Monitor alerts warning of suspicious charges or invoice activity on their accounts, urging them to call an enclosed phone number….These alerts are then configured to send emails to what is believed to be a mailing list under the attacker’s control, which forwards the email to all the targeted people in the attack.
This Company Is Secretly Turning Your Zoom Meetings into AI Podcasts - WebinarTV, a company that bills itself as “a search engine for the best webinars,” is secretly scanning the internet for Zoom meeting links, recording the calls, and turning them into AI-generated podcasts for profit. In some cases, people only found out that their Zoom calls were recorded once WebinarTV reached out to them directly to say their call was turned into a podcast in an attempt to promote WebinarTV’s services.
Apple Gives FBI a User’s Real Name Hidden Behind ’Hide My Email’ Feature - Apple provided the FBI with the real iCloud email address hidden behind Apple’s ‘Hide My Email’ feature, which lets paying iCloud+ users generate anonymous email addresses, according to a recently filed court record.