MCP Threat Modeling: Understanding the Attack Surface
The post MCP Threat Modeling: Understanding the Attack Surface appeared first on Aembit. *** This is a Security Bloggers Network...
attack
Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps
Your attack surface no longer lives on one operating system, and neither do the campaigns targeting it. In enterprise environments, attackers move across...
$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation
Drift has revealed that the April 1, 2026, attack that led to the theft of $285 million was the culmination of a months-long...
North Korea–linked hackers drain $285M from Drift in sophisticated attack
North Korea–linked hackers drain $285M from Drift in sophisticated attack Pierluigi Paganini April 03, 2026 Drift lost $285M in a...
![[un]prompted 2026 – Opening Words – “Research Conferences Aren’t Effective.”](https://securityboulevard.com/wp-content/uploads/2018/01/TwitterLogo-002.jpg)
At RSAC 2026, AI Redefines the Future of Penetration Testing
Penetration testing is undergoing a substantial shift as AI reshapes both attack and defense strategies. At RSA Conference 2026,...
Google links Axios npm supply chain attack to North Korea-linked APT UNC1069
Google links Axios npm supply chain attack to North Korea-linked APT UNC1069 Pierluigi Paganini April 01, 2026 Google links the...
3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)
For years, cybersecurity has followed a familiar model: block malware, stop the attack. Now, attackers are moving on to what’s...
Axios Compromise on npm Introduces Hidden Malicious Package
A newly discovered software supply chain attack targeting the npm ecosystem briefly compromised one of the most widely used...
Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account
The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the...
TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files
TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python...
How GitGuardian Enables Rapid Response to the LiteLLM Supply Chain Attack
The TeamPCP supply chain attack compromised LiteLLM packages 1.82.7 and 1.82.8, stealing SSH keys, cloud credentials, API tokens, and...
Malicious LiteLLM versions linked to TeamPCP supply chain attack
Malicious LiteLLM versions linked to TeamPCP supply chain attack Pierluigi Paganini March 25, 2026 TeamPCP backdoored LiteLLM v1.82.7–1.82.8, likely via...
IRONSCALES Launches Email Attack of the Day, a Daily Threat Intelligence Series for Security Teams
IRONSCALES is bringing a new threat intelligence series to the security community, launching “Email Attack of the Day” at...
Trivy Scanner Compromise Explained and What it Means For Your SaaS and CI/CD Security
AppOmni Labs explains how this SaaS supply chain attack occurred and how to guard your entire SaaS ecosystem against...
What to Do When Your Website Is Under a DDoS Attack
The post What to Do When Your Website Is Under a DDoS Attack first appeared on StrongBox IT. ***...
