3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)
For years, cybersecurity has followed a familiar model: block malware, stop the attack. Now, attackers are moving on to what’s...
attack
Axios Compromise on npm Introduces Hidden Malicious Package
A newly discovered software supply chain attack targeting the npm ecosystem briefly compromised one of the most widely used...
Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account
The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the...
TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files
TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python...
How GitGuardian Enables Rapid Response to the LiteLLM Supply Chain Attack
The TeamPCP supply chain attack compromised LiteLLM packages 1.82.7 and 1.82.8, stealing SSH keys, cloud credentials, API tokens, and...
Malicious LiteLLM versions linked to TeamPCP supply chain attack
Malicious LiteLLM versions linked to TeamPCP supply chain attack Pierluigi Paganini March 25, 2026 TeamPCP backdoored LiteLLM v1.82.7–1.82.8, likely via...
IRONSCALES Launches Email Attack of the Day, a Daily Threat Intelligence Series for Security Teams
IRONSCALES is bringing a new threat intelligence series to the security community, launching “Email Attack of the Day” at...
Trivy Scanner Compromise Explained and What it Means For Your SaaS and CI/CD Security
AppOmni Labs explains how this SaaS supply chain attack occurred and how to guard your entire SaaS ecosystem against...
What to Do When Your Website Is Under a DDoS Attack
The post What to Do When Your Website Is Under a DDoS Attack first appeared on StrongBox IT. ***...
Attack on Stryker’s Microsoft environment wiped employee devices without malware
Attack on Stryker’s Microsoft environment wiped employee devices without malware Pierluigi Paganini March 17, 2026 The recent cyberattack on Stryker...
How SMBs Can Proactively Strengthen Cybersecurity
Cyber attackers increasingly target SMBs because they are often the easiest path into larger supply chains. As cyberattacks are...
When Proxies Become the Attack Vectors in Web Architectures
Many Reverse proxy attack vectors expose a flawed assumption in modern web architectures that backends can blindly trust security-critical...
Evil evolution: ClickFix and macOS infostealers
This campaign – use of a popular and up-to-date lure notwithstanding – has all the hallmarks of a ‘classic’ ClickFix...
Ericsson US confirms breach after third-party provider attack
Ericsson US confirms breach after third-party provider attack Pierluigi Paganini March 10, 2026 Ericsson US reports a data breach after...
Hackers Used New Exploit Kit to Compromise Thousands of iPhones
Image: cait00sith/Envato An iOS exploit framework has revealed how advanced mobile attack tools can move rapidly from surveillance operations to...
