MUST READ

FCC targets foreign router imports amid rising cybersecurity concerns

 | 

Cybercrime group Lapsus$ claims the hack of pharma giant AstraZeneca

 | 

Malicious LiteLLM versions linked to TeamPCP supply chain attack

 | 

Data breach at Dutch Ministry of Finance impacts staff following cyberattack

 | 

QualDerm Partners December 2025 data breach impacts over 3 Million people

 | 

Citrix NetScaler critical flaw could leak data, update now

 | 

81-month sentence for Russian hacker behind major ransomware campaigns

 | 

North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware

 | 

QNAP fixed four vulnerabilities demonstrated at Pwn2Own Ireland 2025

 | 

Pro-Iranian Nasir Security is targeting energy companies in the Gulf

 | 

44 Aqua Security repositories defaced after Trivy supply chain breach

 | 

Iran-linked actors use Telegram as C2 in malware attacks on dissidents

 | 

International police Operation Alice take down 373,000 dark web sites exploiting children

 | 

Russia-linked actors target WhatsApp and Signal in phishing campaign

 | 

Oracle fixes critical RCE flaw CVE-2026-21992 in Identity Manager

 | 

U.S. CISA adds Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities catalog

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 89

 | 

Security Affairs newsletter Round 568 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

WorldLeaks ransomware group breached the City of Los Angels

 | 

PolyShell flaw exposes Magento and Adobe Commerce to file upload attacks

 | 

TeamPCP

Pierluigi Paganini March 25, 2026
Malicious LiteLLM versions linked to TeamPCP supply chain attack

TeamPCP backdoored LiteLLM v1.82.7–1.82.8, likely via Trivy CI/CD, adding tools to steal credentials, move in Kubernetes, and keep persistent access. Threat actor TeamPCP compromised LiteLLM versions 1.82.7 and 1.82.8, likely through a Trivy CI/CD breach. LiteLLM, with over 95 million monthly downloads, helps developers route LLM requests via a single API. The malicious releases, now […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

FCC targets foreign router imports amid rising cybersecurity concerns

Security / March 25, 2026

Cybercrime group Lapsus$ claims the hack of pharma giant AstraZeneca

Data Breach / March 25, 2026

Malicious LiteLLM versions linked to TeamPCP supply chain attack

Hacking / March 25, 2026

Data breach at Dutch Ministry of Finance impacts staff following cyberattack

Data Breach / March 24, 2026

QualDerm Partners December 2025 data breach impacts over 3 Million people

Data Breach / March 24, 2026