Research, News, and Perspectives

Ciberamenazas

Axios NPM Package Compromised: Supply Chain Attack Hits JavaScript HTTP Client with 100M+ Weekly Downloads

A supply chain attack hit Axios when attackers used stolen npm credentials to publish malicious versions containing a phantom dependency. This triggered a cross-platform RAT during installation and replaced its files with clean decoys, making detection challenging.

Latest News Mar 31, 2026

Save to Folio

Latest News Mar 31, 2026

Save to Folio

Inteligencia artificial (IA)

TrendAI™ Research at RSAC 2026: Advancing Defense Across AI‑Driven and Cyber‑Physical Threats

TrendAI™ Research explored agentic AI cybercrime and EV infrastructure security through two research sessions at RSAC 2026.

Latest News Mar 31, 2026

Save to Folio

Latest News Mar 31, 2026

Save to Folio

Malware

TeamPCP’s Telnyx Attack Marks a Shift in Tactics Beyond LiteLLM

Moving beyond their LiteLLM campaign, TeamPCP weaponizes the Telnyx Python SDK with stealthy WAV‑based payloads to steal credentials across Linux, macOS, and Windows.

Research Mar 30, 2026

Save to Folio

Research Mar 30, 2026

Save to Folio

Inteligencia artificial (IA)

Your AI Gateway Was a Backdoor: Inside the LiteLLM Supply Chain Compromise

TeamPCP orchestrated one of the most sophisticated multi-ecosystem supply chain campaigns publicly documented to date. It cascaded through developer tooling and compromised LiteLLM and exposed how AI proxy services that concentrate API keys and cloud credentials become high-value collateral when supply chain attacks compromise upstream dependencies.

Latest News Mar 26, 2026

Save to Folio

Latest News Mar 26, 2026

Save to Folio

APT y ataques dirigidos

Pawn Storm Campaign Deploys PRISMEX, Targets Government and Critical Infrastructure Entities

This blog discusses the steganography, cloud abuse, and email-based backdoors used against the Ukrainian defense supply chain in the latest Pawn Storm campaign that TrendAI™ Research observed and analyzed.

Latest News Mar 26, 2026

Save to Folio

Latest News Mar 26, 2026

Save to Folio

Inteligencia artificial (IA)

Your AI Stack Just Handed Over Your Root Keys: Inside the litellm PyPI Breach

Litellm PyPI breach explained: malicious versions steal cloud credentials, SSH keys, and Kubernetes secrets. Learn impact and urgent mitigation steps.

Expert Perspective Mar 25, 2026

Save to Folio

Expert Perspective Mar 25, 2026

Save to Folio

Malware

Copyright Lures Mask a Multi‑Stage PureLog Stealer Attack on Key Industries

We look into a stealthy multi‑stage attack campaign that delivers PureLog Stealer entirely in memory using encrypted, fileless techniques.

Research Mar 19, 2026

Save to Folio

Research Mar 19, 2026

Save to Folio

Cumplimiento de normativa y riesgos

Why East-West Visibility Matters for Grid Security

Learn how east-west traffic visibility helps detect and stop lateral movement attacks inside electric grid infrastructure and critical OT networks.

Consumer Focus Mar 18, 2026

Save to Folio

Consumer Focus Mar 18, 2026

Save to Folio

Ciberamenazas

From Misconfigured Spring Boot Actuator to SharePoint Exfiltration: How Stolen Credentials Bypass MFA

Not every cloud breach starts with malware or a zero-day. In this incident, attackers discovered an exposed Spring Boot Actuator endpoint, harvested credentials from leaked configuration data, then used the OAuth2 Resource Owner Password Credentials (ROPC) flow to authenticate without MFA.

Investigations Mar 18, 2026

Save to Folio

Investigations Mar 18, 2026

Save to Folio

New Threat Trends: How Service Providers Stay Ahead

Standing still means falling behind. To me, this phrase perfectly describes the reality that cybersecurity is a continuous process.

Expert Perspective Mar 17, 2026

Save to Folio

Expert Perspective Mar 17, 2026

Save to Folio