Vercel Data Breach Linked to Earlier Context.ai Compromise
Hackers were able to leverage the compromise of agentic AI company Context.ai in February to take over a Google Workspace...
compromise
Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069
Google has formally attributed the supply chain compromise of the popular Axios npm package to a financially motivated North Korean...
TeamPCP’s Telnyx Attack Marks a Shift in Tactics Beyond LiteLLM
The Telnyx compromise indicates a continued change in the techniques used in TeamPCP’s supply‑chain activity, with adjustments to tooling, delivery...
The Trivy Supply Chain Compromise: What Happened and Playbooks to Respond
The Trivy Supply Chain Compromise: What Happened and Playbooks to Respond On March 19, 2026, a threat actor known...
Sonatype Discovers Two Malicious npm Packages
Sonatype Security Research has identified a potential compromise of a trusted npm maintainer account that has now published two...
Microsoft Flags Multi-Stage AitM Phishing and BEC Attacks Targeting Energy Firms
Microsoft has warned of a multi‑stage adversary‑in‑the‑middle (AitM) phishing and business email compromise (BEC) campaign targeting multiple organizations in the...
