Point Wild Releases Free LiteLLM Vulnerability Scanner Within 24 Hours of Supply Chain Attack

New AI-powered scanner -- who-touched-my-packages -- detects zero-day malicious packages and credential exfiltration in seconds BOSTON, March 26, 2026 /PRNewswire/ -- Point Wild, a leading global ...

Malware in an Open-Source Project Could Have Infected Thousands. The Twist? It Was Certified by Delve

For a short window on Tuesday, two versions of a popular open-source project from LiteLLM contained malware, designed to steal all sorts of login credentials. A researcher discovered it after it ...
The Hacker News

Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in Recent Mass Attacks

Coruna reuses Triangulation kernel exploits targeting iOS 13–17.2.1 devices, expanding attacks into mass exploitation ...
WinBuzzer

DarkSword iOS Exploit Leaks on GitHub, Threatens Millions

A government-grade iOS exploit kit called DarkSword has been leaked on GitHub, putting hundreds of millions of iPhones ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Cloud attacks are getting faster and deadlier - here's your best defense plan

Cloud attacks are getting faster and deadlier - here's your best defense plan ...
cryptonews

Bonk Fun Website Hijacked: Live Exploit Is Draining User Funds

The official website for the Solana memecoin launchpad, Bonk Fun, has been hijacked. A malicious actor seized control of the domain on Wednesday (March 11), deploying a wallet drainer disguised as a ...
Bleeping Computer

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the ‘PhantomRaven’ supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers. The campaign ...
AppleInsider

Latest iOS 15 & iOS 16 updates target Coruna exploit affecting older devices

Apple has virtually eliminated the remaining addressable iPhones being targeted by the Coruna exploit being traded around the black market — that is, if you update your iPhone. An exploit potentially ...
The Hacker News

Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets

Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors. The Rust packages, published to ...