popular

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

AndyC 2 April 2026

Google has formally attributed the supply chain compromise of the popular Axios npm package to a financially motivated North Korean...

Read More

Microsoft adds multi-model AI to Copilot Researcher, raising accuracy stakes

Poisoned Axios: npm Account Takeover, 50 Million Downloads, and a RAT That Vanishes After Install

AndyC 31 March 2026

On March 30-31, 2026, threat actors published two malicious versions of the popular HTTP library axios (versions 1.14.1 and...

Read More

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

AndyC 31 March 2026

The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the...

Read More

BSidesSLC 2025 – LLM-Powered Network Intrusion Detection

When Your Scanner Becomes the Weapon: From Trivy to LiteLLM

AndyC 26 March 2026

On March 24, 2026, two malicious versions of LiteLLM – the popular AI/LLM proxy gateway present in roughly 36%...

Read More

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise

AndyC 25 March 2026

TeamPCP, the threat actor behind the recent compromises of Trivy and KICS, has now compromised a popular Python package named...

Read More

Compromised litellm PyPI Package Delivers Multi-Stage Credential Stealer

Compromised litellm PyPI Package Delivers Multi-Stage Credential Stealer

AndyC 25 March 2026

This morning, the widely used Python package litellm, a popular abstraction layer for interacting with large language models (LLMs),...

Read More

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

AndyC 21 March 2026

Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised a second time within the span of a...

Read More

Cyberattacks Spike 245% in the Two Weeks After the Start of War with Iran

Exposed Ollama Servers: Security Risks of Publicly Accessible LLM Infrastructure

AndyC 18 March 2026

Ollama has become popular for running LLMs locally or on cloud infrastructure. Internet-wide scans have identified 175,000 exposed Ollama...

Read More

BSidesSLC 2025 – LLM-Powered Network Intrusion Detection

Hacked sites deliver Vidar infostealer to Windows users

AndyC 17 March 2026

In recent years, ClickFix and fake CAPTCHA techniques have become a popular way for cybercriminals to distribute malware. Instead...

Read More

BSidesSLC 2025 – LLM-Powered Network Intrusion Detection

Hacked sites deliver Vidar infostealer to Windows users

AndyC 17 March 2026

In recent years, ClickFix and fake CAPTCHA techniques have become a popular way for cybercriminals to distribute malware. Instead...

Read More

Evil evolution: ClickFix and macOS infostealers

Evil evolution: ClickFix and macOS infostealers

AndyC 12 March 2026

This campaign – use of a popular and up-to-date lure notwithstanding – has all the hallmarks of a ‘classic’ ClickFix...

Read More

The Circus at CISA Continues

Latest OpenClaw Security Risks are Fake GitHub Repositories Used to Deploy Infostealers

AndyC 6 March 2026

The highly popular and risk-riddled OpenClaw personal AI assistant is being used by bad actors to target users with...

Read More

BSidesSLC 2025 – LLM-Powered Network Intrusion Detection

Fake Huorong security site infects users with ValleyRAT

AndyC 24 February 2026

A convincing lookalike of the popular Huorong Security antivirus has been used to deliver ValleyRAT, a sophisticated Remote Access...

Read More

Palo Alto Networks Moves to Secure Agentic Endpoints with Koi Deal

Moltbook is Dangerous, but Scale Doesn’t Match the Hype: Zenity

AndyC 19 February 2026

Moltbook, the highly popular Reddit-style social network designed exclusively to enable AI agents to communicate, launched in late January...

Read More

Palo Alto Networks Moves to Secure Agentic Endpoints with Koi Deal

Moltbook is Dangerous, but Scale Doesn’t Match the Hype: Zenity

AndyC 19 February 2026

Moltbook, the highly popular Reddit-style social network designed exclusively to enable AI agents to communicate, launched in late January...

Read More

Digital assets after death: Managing risks to your loved one’s digital estate

Digital assets after death: Managing risks to your loved one’s digital estate

AndyC 2 April 2026

Digital Security Fraudsters often target the accounts of the deceased or their grieving relatives. Here’s how to keep the scammers at bay. Phil Muncaster 01...

Read More

This month in security with Tony Anscombe – March 2026 edition

This month in security with Tony Anscombe – March 2026 edition

AndyC 1 April 2026

The past four weeks have seen a slew of new cybersecurity wake-up calls that showed why every organization needs a well-thought-out cyber-resilience plan 31 Mar...

Read More

RSAC 2026 wrap-up – Week in security with Tony Anscombe

RSAC 2026 wrap-up – Week in security with Tony Anscombe

AndyC 28 March 2026

This year, AI agents took the center stage – as a defensive capability, but more pressingly as a risk many organizations haven't caught up with...

Read More

A cunning predator: How Silver Fox preys on Japanese firms this tax season

A cunning predator: How Silver Fox preys on Japanese firms this tax season

AndyC 28 March 2026

Business Security Silver Fox is back in Japan, spoofing tax and HR emails timed to the one season when no one thinks twice about opening...

Read More

Virtual machines, virtually everywhere – and with real security gaps

Virtual machines, virtually everywhere – and with real security gaps

AndyC 26 March 2026

Twenty years ago, almost to the day, Amazon Web Services (AWS) launched Simple Storage Service (S3). A few months later, the company’s Elastic Compute Cloud (EC2) service opened for public...

Read More

Cloud workload security: Mind the gaps

Cloud workload security: Mind the gaps

AndyC 25 March 2026

Business Security As IT infrastructure expands, visibility and control often lag behind – until an incident forces a reckoning Tomáš Foltýn 24 Mar 2026 • ...

Read More

BSidesSLC 2025 – LLM-Powered Network Intrusion Detection

Why DDoS Mitigation Fails: 5 Gaps That Testing Reveals

AndyC 5 April 2026

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

AndyC 5 April 2026

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

AndyC 5 April 2026

BSidesSLC 2025 – LLM-Powered Network Intrusion Detection

How scalable is Agentic AI for growing businesses

AndyC 5 April 2026

Qilin ransomware group claims the hack of German political party Die Linke

Qilin ransomware group claims the hack of German political party Die Linke

AndyC 5 April 2026