TeamPCP's Cascading Supply Chain Attack Hits LiteLLM; Cisco Firewall Zero-Day Exploited for Weeks

Publication Date: March 26, 2026

Summary

This edition covers a critical 24-hour period in cybersecurity for March 26, 2026. The most significant event is a multi-stage supply chain attack by 'TeamPCP' that compromised the Trivy scanner and pivoted to trojanize the LiteLLM AI gateway, stealing credentials. Concurrently, details emerged of a critical Cisco firewall zero-day (CVE-2026-20131) exploited by the 'Interlock' ransomware gang for over a month before a patch was available. Other major news includes a vishing campaign abusing Microsoft Teams and Quick Assist, new cybersecurity mandates for Ontario's public sector, and a flurry of AI-powered security product announcements from RSA Conference 2026.

Today New Articles

Protos Labs Challenges Threat Intel Market with Freemium Agentic AI Platform

Singapore-based Protos Labs has launched a freemium edition of its Protos AI platform at RSA Conference 2026, aiming to disrupt the traditional cyber threat intelligence (CTI) market. The platform utilizes specialized, coordinated AI agents to automate the ent...

Ontario Enforces New Cybersecurity and Data Transparency Regulations for Public Sector

The government of Ontario, Canada, has filed two new regulations, O. Reg. 51/26 and O. Reg. 52/26, which will come into force on July 1, 2026. These regulations impose significant new cybersecurity and data privacy obligations on public sector entities, includ...

Darktrace Replaces Security Training with 'Adaptive Human Defense'

At RSA Conference 2026, AI cybersecurity firm Darktrace launched 'Adaptive Human Defense,' a new product that shifts away from traditional, scheduled security awareness training. Instead, the platform uses behavioral AI to monitor user actions in real-time and...

NetRise Launches 'Provenance' to Uncover Contributor Risk in Software Supply Chains

Software supply chain security firm NetRise has launched 'Provenance,' a new product announced at RSA Conference 2026 designed to identify risks associated with the individual contributors and organizations behind open-source components. Moving beyond traditio...

Co-op CEO Resigns as Cyber-Attack Fallout Leads to £126 Million Loss

Shirine Khoury-Haq, the chief executive of the UK's Co-op Group, is stepping down effective March 29, 2026. Her departure follows the company's announcement of a £126 million pre-tax loss for the year, a dramatic reversal from the previous year's profit. The c...

Article Updates

Cisco Firewall Zero-Day Exploited by Interlock Ransomware for Over a Month Before Patch

Update:The critical Cisco Firewall zero-day (CVE-2026-20131) has now been officially assigned a CVSS score of 10.0, confirming its maximum severity. Cisco Security Cloud Control was also identified as an additional affected product. New details emerged regarding the...