Security researchers discovered that the popular Python library litellm was compromised on PyPI. With over 95 million monthly downloads, this open-source tool helps developers route requests across various LLM providers through a single API. The threat actor, identified as TeamPCP, injected malicious…
Google Authenticator’s Hidden Passkey Design May Expose New Passwordless Attack Vectors
Google’s passkey ecosystem quietly depends on a powerful cloud-side component that changes where “passwordless trust” actually lives and that shift could open new avenues for account takeover in the real world. Most passkey discussions focus on WebAuthn and FIDO specs,…
HackerOne Confirms Employee Data Stolen Following Linked Navia Hack
HackerOne, a leading vulnerability coordination and bug bounty platform, has officially confirmed a data breach impacting its employees. The security incident did not occur directly on HackerOne’s internal network or infrastructure. Instead, the sensitive data was exposed through a targeted…
Why your phishing simulations aren’t building a security culture
Security culture isn’t built by phishing simulations. In this Help Net Security video, Dan Potter, VP of Cyber Resilience at Immersive, argues that annual training videos and quarterly phishing tests happen in calm, controlled settings that tell us nothing about…
You don’t have to choose between BAS or automated pentesting, you shouldn’t
There’s a debate making the rounds in security circles that sounds reasonable on the surface but falls apart under operational scrutiny: Which is better, breach and attack simulation (BAS) or automated penetration testing (APT)? Security vendors have stoked this debate…
Aqua Security’s Trivy Scanner Hit by Supply Chain Attack, Threatening Software Integrity
A sophisticated supply chain attack compromised Aqua Security’s popular open-source Trivy vulnerability scanner. Threat actors successfully distributed malicious code through the project’s GitHub Actions, targeting deployment pipelines to silently exfiltrate sensitive credentials. While Aqua’s commercial products remain completely unaffected, the…
Aqua Security’s Trivy Scanner Compromised in Supply Chain Attack
A sophisticated supply chain attack targeting Aqua Security’s widely used open-source vulnerability scanner, Trivy. A threat actor leveraged compromised credentials to distribute malicious releases, turning a trusted security tool into a mechanism for large-scale credential theft across CI/CD pipelines. The…
Kali Linux 2026.1 Released With 8 New Hacking Tools
Kali Linux 2026.1 has officially been released, marking the first major update of the year for the popular penetration testing distribution. Designed for professionals engaged in technical security research and vulnerability analysis, this update features modern aesthetic enhancements, notable advancements…
Which Came First: The System Prompt, or the RCE?
During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude (Opus 4.5) and a third-party asset management platform. The idea is simple: instead of clicking through dashboards and making API calls,…
Kali Linux 2026.1 ships BackTrack mode, eight new tools, and a kernel upgrade to 6.18
Penetration testers running Kali Linux have a new release to work with. Version 2026.1 delivers the annual theme refresh, a new BackTrack-inspired mode in kali-undercover, eight tools added to the network repositories, a kernel bump to 6.18, and several Kali…
Your security stack looks fine from the dashboard and that’s the problem
One in five enterprise endpoints is operating outside a protected and enforceable state on any given day, according to device telemetry collected across tens of millions of corporate PCs. That figure, drawn from Absolute Security’s 2026 Resilience Risk Index, has…
RSAC Presenter Says “Time to Kill One of Cybersecurity’s Most Overworked Terms”
RSAC: Retiring “APT,” FCC’s US-Made Router Ban, Zoom Call Scraping, Iran-Targeting Wiper, and Cyber Terrorism Insurance From RSAC 2026, host David Shipley highlights ESET researcher Robert Lipowsky’s argument to retire the overused “advanced persistent threat” label and instead describe actors…
IT Security News Hourly Summary 2026-03-25 06h : 2 posts
2 posts were published in the last hour 4:9 : Cloud workload security: Mind the gaps 4:9 : North Korean Hackers Turn VS Code Projects Into Silent Malware Triggers
Cloud workload security: Mind the gaps
As IT infrastructure expands, visibility and control often lag behind – until an incident forces a reckoning This article has been indexed from WeLiveSecurity Read the original article: Cloud workload security: Mind the gaps
North Korean Hackers Turn VS Code Projects Into Silent Malware Triggers
Opening a project in a code editor is supposed to be routine. In this case, it is enough to trigger a full malware infection. Security researchers have linked an ongoing campaign associated with North Korean actors, tracked as Contagious…
API Security for AI Agents: Why Protection Has Never Been More Important.
For years, a lot of risky APIs survived simply because they were hard to find. They weren’t documented. Only a handful of engineers knew the endpoints. And if an attacker wanted to abuse them, they had to spend real time…
Julius v0.2.0: From 33 to 63 Probes — Now Detecting Cloud AI, Enterprise Inference, and RAG Pipelines
TL;DR: Julius v0.2.0 nearly doubles LLM fingerprinting probe coverage from 33 to 63, adding detection for cloud-managed AI services (AWS Bedrock, Azure OpenAI, Vertex AI), high-performance inference servers (SGLang, TensorRT-LLM, Triton), AI gateways (Portkey, Helicone, Bifrost), and self-hosted RAG platforms…
ISC Stormcast For Wednesday, March 25th, 2026 https://isc.sans.edu/podcastdetail/9864, (Wed, Mar 25th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, March 25th, 2026…
Quantum-Hardened Granular Resource Authorization Policies
Learn how to secure AI infrastructure with quantum-hardened granular resource authorization policies. Explore PQC, MCP security, and zero-trust strategies. The post Quantum-Hardened Granular Resource Authorization Policies appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read…
IT Security News Hourly Summary 2026-03-25 03h : 2 posts
2 posts were published in the last hour 1:34 : SmartApeSG campaign pushes Remcos RAT, NetSupport RAT, StealC, and Sectop RAT (ArechClient2), (Wed, Mar 25th) 1:34 : Guidance for detecting, investigating, and defending against the Trivy supply chain compromise
SmartApeSG campaign pushes Remcos RAT, NetSupport RAT, StealC, and Sectop RAT (ArechClient2), (Wed, Mar 25th)
Introduction This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: SmartApeSG campaign pushes Remcos RAT, NetSupport RAT, StealC, and Sectop RAT (ArechClient2), (Wed, Mar 25th)
Guidance for detecting, investigating, and defending against the Trivy supply chain compromise
Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide. This analysis walks through the Trivy supply‑chain compromise, attacker techniques, and concrete steps security teams can take to detect and defend against similar attacks. The…
OpenSSL 4.0 Beta Release Announcement
The OpenSSL Project is pleased to announce that OpenSSL 4.0 Beta1 pre-release is available, adding significant functionality to the OpenSSL Library. This article has been indexed from Blog on OpenSSL Library Read the original article: OpenSSL 4.0 Beta Release Announcement
The Best AI SOC Platforms 2026: Comprehensive Comparison & Guide
Comprehensive guide to the best AI SOC platforms in 2026. Compare autonomous SOC solutions, pricing, integrations, and key differentiators. The post The Best AI SOC Platforms 2026: Comprehensive Comparison & Guide appeared first on D3 Security. The post The Best…