Breaking News – Cyber Threats (last 6h)
Generated: 2026-03-27 13:00 PDT
- Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits
The Hacker News • 2026-03-27 10:22 • thehackernews.com
Apple is now sending Lock Screen notifications to iPhones and iPads running older versions of iOS and iPadOS to alert users of web-based attacks and urge them to install the update.
The development was first reported by MacRumors.
“Apple is aware of attacks targeting out-of-date iOS software, including the version on your iPhone. Install this critical update to protect your iPhone,” the
https://thehackernews.com/2026/03/apple-sends-lock-screen-alerts-to.html - TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files
The Hacker News • 2026-03-27 09:53 • thehackernews.com
TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing two malicious versions to steal sensitive data.
The two versions, 4.87.1 and 4.87.2, published to the Python Package Index (PyPI) repository on March 27, 2026, concealed their credential harvesting capabilities within a .WAV file. Users are
https://thehackernews.com/2026/03/teampcp-pushes-malicious-telnyx.html - Fake VS Code alerts on GitHub spread malware to developers
BleepingComputer • 2026-03-27 09:51 • www.bleepingcomputer.com
A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the Discussions section of various projects, to trick users into downloading malware. […]
https://www.bleepingcomputer.com/news/security/fake-vs-code-alerts-on-github-spread-malware-to-developers/ - TeamPCP Supply Chain Campaign: Update 002 – Telnyx PyPI Compromise, Vect Ransomware Mass Affiliate Program, and First Named Victim Claim, (Fri, Mar 27th)
SANS ISC Diary (full) • 2026-03-27 07:34 • isc.sans.eduThis is the second update to the TeamPCP supply chain campaign threat intelligence report, “When the Security Scanner Became the Weapon” (v3.0, March 25, 2026). Update 001 covered developments through March 26. This update covers developments from March 26-27, 2026.
- Agentic GRC: Teams Get the Tech. The Mindset Shift Is What's Missing.
BleepingComputer • 2026-03-27 07:02 • www.bleepingcomputer.com
Agentic GRC automates workflows, forcing teams to rethink their role beyond operations. Anecdotes explains why the biggest challenge is shifting from execution to risk leadership. […]
https://www.bleepingcomputer.com/news/security/agentic-grc-teams-get-the-tech-the-mindset-shift-is-whats-missing/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
