Breaking News – Cyber Threats (last 6h)
Generated: 2026-03-24 13:00 PDT
- TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise
The Hacker News • 2026-03-24 11:21 • thehackernews.com
TeamPCP, the threat actor behind the recent compromises of Trivy and KICS, has now compromised a popular Python package named litellm, pushing two malicious versions containing a credential harvester, a Kubernetes lateral movement toolkit, and a persistent backdoor.
Multiple security vendors, including Endor Labs and JFrog, revealed that litellm versions 1.82.7 and 1.82.8 were published on
https://thehackernews.com/2026/03/teampcp-backdoors-litellm-versions.html - Firefox now has a free built-in VPN with 50GB monthly data limit
BleepingComputer • 2026-03-24 10:23 • www.bleepingcomputer.com
Mozilla released Firefox 149 with added privacy protection through a built-in VPN tool offering up to 50GB of monthly traffic. […]
https://www.bleepingcomputer.com/news/security/firefox-now-has-a-free-built-in-vpn-with-50gb-monthly-data-limit/ - Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR
The Hacker News • 2026-03-24 10:05 • thehackernews.com
A large-scale malvertising campaign active since January 2026 has been observed targeting U.S.-based individuals searching for tax-related documents to serve rogue installers for ConnectWise ScreenConnect that drop a tool named HwAudKiller to blind security programs using the bring your own vulnerable driver (BYOVD) technique.
“The campaign abuses Google Ads to serve rogue ScreenConnect (
https://thehackernews.com/2026/03/tax-search-ads-deliver-screenconnect.html - 5 Learnings from the First-Ever Gartner Market Guide for Guardian Agents
The Hacker News • 2026-03-24 09:36 • thehackernews.com
On February 25, 2026, Gartner published its inaugural Market Guide for Guardian Agents, marking an important milestone for this emerging category. For those unfamiliar with the various Gartner report types, “a Market Guide defines a market and explains what clients can expect it to do in the short term. With the focus on early, more chaotic markets, a Market Guide does not rate or position
https://thehackernews.com/2026/03/5-learnings-from-first-ever-gartner.html - Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner
The Hacker News • 2026-03-24 09:35 • thehackernews.com
An ongoing phishing campaign is targeting French-speaking corporate environments with fake resumes that lead to the deployment of cryptocurrency miners and information stealers.
“The campaign uses highly obfuscated VBScript files disguised as resume/CV documents, delivered through phishing emails,” Securonix researchers Shikha Sangwan, Akshay Gaikwad, and Aaron Beardslee said in a report shared
https://thehackernews.com/2026/03/hackers-use-fake-resumes-to-steal.html - Microsoft fixes bug causing Classic Outlook sync issues with Gmail
BleepingComputer • 2026-03-24 08:12 • www.bleepingcomputer.com
Microsoft has fixed a known issue causing Gmail and Yahoo email synchronization and connection problems for classic Outlook users. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bug-causing-outlook-sync-issues-for-gmail-users/ - Zero Trust: Bridging the Gap Between Authentication and Trust
BleepingComputer • 2026-03-24 07:02 • www.bleepingcomputer.com
Passing MFA doesn’t mean a session is safe, attackers can hijack tokens and bypass identity checks. Specops Software explains why Zero Trust must verify both user identity and device health. […]
https://www.bleepingcomputer.com/news/security/zero-trust-bridging-the-gap-between-authentication-and-trust/ - HackerOne discloses employee data breach after Navia hack
BleepingComputer • 2026-03-24 07:01 • www.bleepingcomputer.com
Bug bounty platform HackerOne is notifying hundreds of employees that their data was stolen after attackers hacked Navia, one of its U.S. benefits administrators. […]
https://www.bleepingcomputer.com/news/security/hackerone-discloses-employee-data-breach-after-navia-hack/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
