Supply‑Chain Attack Hits LiteLLM 1.82.7‑1.82.8 via Compromised Trivy Scan
Independent analysis has verified that the LiteLLM releases 1.82.7 through 1.82.8 were tampered with during distribution.
Supply‑Chain Backdoor Inserted into LiteLLM via Compromised Trivy CI/CD
Researchers have identified that the threat actor group TeamPCP compromised the Trivy container‑image scanner used in the LiteLLM CI/
FBI-led Sweep Shuts Down Massive IoT Botnets Behind Recent DDoS Floods
Federal investigators, led by the FBI and supported by international law‑enforcement partners, dismantled the command‑and‑control infrastructure of
Backdoored Trivy Scanner Fuels Supply‑Chain Worm in CI/CD Pipelines
The open‑source Trivy vulnerability scanner was compromised and a covert backdoor was added to its official binary releases and
Active Telescope Reveals Global React2Shell Exploit Campaign
Researchers used an active network telescope—a set of routable IP addresses that respond to unsolicited traffic—to capture and
Cloudflare Deploys AI‑Powered Account Abuse Shield and Logic‑Flaw Scanner
Cloudflare has rolled out Account Abuse Protection, a service that fuses AI‑driven detection of malicious login activity with an
Unified Validation Stack: End Fragmented Security Gaps
The security community is witnessing a shift toward “agentic” validation, where isolated tools—like breach‑and‑attack simulations, manual pentests,
New Framework Ties Metrics to KRIs, Boosting Vulnerability Prioritization
Researchers have released a paper outlining a quantitative framework that links security performance metrics—such as patch latency, exploit prevalence,
Google Patches Two Chrome Zero‑Days Actively Exploited in Enterprise Attacks
Google rolled out emergency updates for Chrome addressing two critical zero‑day flaws (CVE‑2026‑XXXXX and CVE‑2026‑YYYYY)
Google Patches Two Chrome Zero‑Days Actively Exploited in the Wild
Google released emergency updates for Chrome that fix two critical zero‑day flaws (CVE‑2024‑XXXX and CVE‑2024‑YYYY)
