Mercor Hit by LiteLLM Supply Chain Attack
The AI recruiting firm is investigating the incident as Lapsus$ claimed the theft of 4TB of Mercor data. The post Mercor Hit by LiteLLM Supply Chain Attack a...
Manufacturing
20 articles
Axios npm Supply Chain Breach: Microsoft Shares Mitigation Steps
Microsoft has detailed how organizations can detect and mitigate a recent supply chain compromise involving malicious Axios npm releases and infrastructure a...
How we caught the Axios supply chain attack
Joe Desimone shares the story of how he caught the Axios supply chain attack with a proof of concept tool built in an afternoon.
Mitigating the Axios npm supply chain compromise
On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages for version updates (1.14.
Google fixes fourth actively exploited Chrome zero-day of 2026
Google fixed a new Chrome zero-day, tracked as CVE-2026-5281, in the WebGPU Dawn component that is already exploited in the wild. Google released Chrome upda...
5 essential steps to bulletproof your endpoint security (and avoid the biggest mistakes)
Business resilience starts at the endpoint. Between March and December 2025, the N-able SOC processed over 900,000 alerts—and a staggering 18% originated fro...
Mercor confirms security incident tied to LiteLLM supply chain attack
Although the LiteLLM attack was reportedly tied to a group called TeamPCP, the hacking gang Lapsus$ claimed on its website that it obtained hundreds of gigab...
Threat Brief: Widespread Impact of the Axios Supply Chain Attack
Unit 42 discusses the supply chain attack targeting Axios. Learn about the full attack chain, from the dropper to forensic cleanup.
Report sheds more light on Phantom Stealer
Attacks involving the .NET-based Phantom Stealer, which has been bundled with a crypter and a remote access tool under the Phantom Project cybercrime kit, ha...
Trivy supply chain intrusion reportedly compromises Cisco source code
Cisco was reported to have had its source code stolen by threat actors following an attack linked to the recent supply chain attack against Aqua Security's T...
AWS environments targeted by TeamPCP
Threat operation TeamPCP, also known as PCPcat, DeadCatx3, and ShellForce, has tapped credentials siphoned from its sweeping supply chain attacks against Tri...
North Korean hackers blamed for axios supply chain hack
North Korean threat operation UNC1069 was noted by the Google Threat Intelligence Group to have perpetrated the npm supply chain attack against the widely us...
AI startup Mercor confirms security incident linked to LiteLLM supply chain attack
The incident at Mercor is believed to stem from malicious code injected into the LiteLLM project, an open-source tool used by numerous companies to manage AI...
Exabeam expands ABA to detect AI agent threats across ChatGPT, Copilot, and Gemini
Exabeam has announced the expansion of Exabeam Agent Behavior Analytics (ABA). Without direct visibility into how employees use AI assistants, what they quer...
TeamPCP Supply Chain Campaign: Update 005 - First Confirmed Victim Disclosure, Post-Compromise Cloud Enumeration Documented, and Axios Attribution Narrows, (Wed, Apr 1st)
This is the fifth update to the TeamPCP supply chain campaign threat intelligence report, "When the Security Scanner Became the Weapon" (v3.0, March 25, 2026).
Cisco Faces Alleged Data Leak as ShinyHunters Claims Responsibility
Cisco is actively dealing with a major cybersecurity incident after threat actors breached its internal development networks. The notorious hacking group Shi...
Mutation testing for the agentic era
Code coverage is one of the most dangerous quality metrics in software testing. Many developers fail to realize that code coverage lies by omission: it measu...
SentinelOne autonomous detection blocks trojaned LiteLLM triggered by Claude Code
SentinelOne AI stopped a LiteLLM supply chain attack in seconds, blocking malicious code automatically without human intervention. SentinelOne’s AI-based sec...
Axios NPM Package Breached in North Korean Supply Chain Attack
A long-lived NPM access token was used to bypass the GitHub Actions OIDC-based CI/CD publishing workflow and push backdoored package versions. The post Axios...
North Korean Hackers Breach Axios Package, Target Windows, macOS, and Linux Systems
A North Korea–nexus threat actor has hijacked the popular Axios NPM package in a high‑impact software supply chain attack that can silently backdoor Windows,...