This month in security with Tony Anscombe – March 2026 edition
The past four weeks have seen a slew of new cybersecurity wake-up calls that showed why every organization needs a...
Year: 2026
Anthropic accidentally leaks Claude Code
Anthropic accidentally leaks Claude Code Pierluigi Paganini March 31, 2026 Anthropic accidentally exposed Claude Code source via npm, causing the...
What makes Agentic AI a powerful ally in cybersecurity?
How Do Non-Human Identities Elevate Cybersecurity Strategies? Evolving cybersecurity demands innovative approaches to safeguard digital assets, and Non-Human Identities...
Technical Advisory: Axios npm Supply Chain Attack – Cross-Platform RAT Deployed via Compromised Maintainer Account
| Active RAT | Malicious npm versions removed | Assess all systems that ran npm install during exposure window...
Android Developer Verification Rollout Begins Ahead of September Enforcement
Ravie LakshmananMar 31, 2026Mobile Security / Compliance Google on Monday said it's officially rolling out Android developer verification to all...
The Real Risk of Vibecoding
The ownership problem no one talks about One of the biggest risks in vibe coding isn’t that nobody owns the...
New North Korean AI Hiring Scheme Targets US Companies
Source: ChatGPT A suspected North Korean operative attempted to infiltrate a cybersecurity firm using a stolen identity and an AI-generated...
Axios Compromise on npm Introduces Hidden Malicious Package
A newly discovered software supply chain attack targeting the npm ecosystem briefly compromised one of the most widely used...
Synthetic data is all you need for Reinforcement Learning
Building Reinforcement Learning (RL) environments to evaluate and train agents involves simulating the world in which an agent interacts,...
When AI Writes the Code, What Changes for Security?
Last week at RSAC 2026, we hosted four security leaders for a breakfast panel to talk about what’s actually...
Attackers hijack Axios npm account to spread RAT malware
Attackers hijack Axios npm account to spread RAT malware Pierluigi Paganini March 31, 2026 Threat actors hijacked the npm account...
Nearly half a Million mobile customers of Lloyds Banking Group affected by security incident
Nearly half a Million mobile customers of Lloyds Banking Group affected by security incident Pierluigi Paganini March 31, 2026 Lloyds...
Axios Hijacked: npm Account Takeover Deploys Cross-Platform RAT to Millions
On March 31, 2026, two malicious versions of Axios – the JavaScript HTTP client with over 83 million weekly...
TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks
Ravie LakshmananMar 31, 2026Zero-Day / Vulnerability A high-severity security flaw in the TrueConf client video conferencing software has been exploited...
Vertex AI Vulnerability Exposes Google Cloud Data and Private Artifacts
Ravie LakshmananMar 31, 2026Cloud Security / AI Security Cybersecurity researchers have disclosed a security "blind spot" in Google Cloud's Vertex...