#Credential Theft
LiteLLM SQL injection flaw puts AI gateways on the front line
LiteLLM SQL injection flaw puts AI gateways on the front line CVE-2026-42208 matters because it turns an AI gateway into a high-value choke point for attackers....
Lucas Oliveira
Research
PyTorch Lightning supply-chain compromise puts AI developer credentials at risk
PyTorch Lightning supply-chain compromise puts AI developer credentials at risk The most dangerous supply-chain incidents are not always the ones that hit opera...
Lucas Oliveira
Research
Bitwarden CLI npm compromise exposes CI/CD credential risk
Bitwarden CLI npm compromise exposes CI/CD credential risk A brief compromise of the Bitwarden CLI npm distribution is still a high-priority defender story beca...
Lucas Oliveira
Research
CVE-2026-39987 puts exposed Marimo notebooks on a fast credential-theft path
CVE-2026-39987 puts exposed Marimo notebooks on a fast credential-theft path CVE-2026-39987 is a sharp reminder that smaller developer and data-science platform...
Lucas Oliveira
Research
Storm-1175 turns patch gaps into rapid Medusa ransomware intrusions
Storm-1175 turns patch gaps into rapid Medusa ransomware intrusions Storm-1175 is a financially motivated threat actor that Microsoft says has been using newly...
Lucas Oliveira
Research
LeakBase arrest is a warning to review stolen credential exposure now
LeakBase arrest is a warning to review stolen credential exposure now | 2026 The reported arrest of the alleged LeakBase administrator in Russia is the kind of...
Lucas Oliveira
Research
Poisoned Trivy scanner led to malicious LiteLLM releases on PyPI
Poisoned Trivy scanner led to malicious LiteLLM releases on PyPI | 2026 The LiteLLM incident is what modern software supply-chain compromise looks like when one...
Lucas Oliveira
Research
Trivy GitHub Action compromise exposed CI/CD secrets in a stealth supply-chain attack
Trivy GitHub Action compromise exposed CI/CD secrets in a stealth supply-chain attack A supply-chain compromise in Aqua Security’s aquasecurity/trivy-action sho...
Lucas Oliveira
Research
CVE-2025-26399: SolarWinds WHD Exploitation Hits Servers
CVE-2025-26399: SolarWinds WHD Exploitation Hits Servers | 2026 Executive Summary CVE-2025-26399 in SolarWinds Web Help Desk has moved from “critical but patcha...
Lucas Oliveira
Research
TELUS Digital breach: ShinyHunters claims 1PB data theft
TELUS Digital breach: ShinyHunters claims 1PB data theft | 2026 Executive Summary TELUS Digital confirmed on March 12, 2026 that it is investigating unauthorize...
Lucas Oliveira
Research
Chrome Extension Supply-Chain Attack: ShotBird and QuickLens
Chrome Extension Supply-Chain Attack: ShotBird and QuickLens | 2026 Executive Summary ShotBird and QuickLens, two Chrome extensions that were previously legitim...
Lucas Oliveira
Research