Daily Digest

TeamPCP's Cascading Supply Chain Attack Hits LiteLLM; Cisco Firewall Zero-Day Exploited for Weeks

TeamPCP's Cascading Supply Chain Attack Hits LiteLLM; Cisco Firewall Zero-Day Exploited for Weeks

March 26, 2026
6 articles (5 new, 1 updated)
18 min read

Summary

This edition covers a critical 24-hour period in cybersecurity for March 26, 2026. The most significant event is a multi-stage supply chain attack by 'TeamPCP' that compromised the Trivy scanner and pivoted to trojanize the LiteLLM AI gateway, stealing credentials. Concurrently, details emerged of a critical Cisco firewall zero-day (CVE-2026-20131) exploited by the 'Interlock' ransomware gang for over a month before a patch was available. Other major news includes a vishing campaign abusing Microsoft Teams and Quick Assist, new cybersecurity mandates for Ontario's public sector, and a flurry of AI-powered security product announcements from RSA Conference 2026.

Filter by Category

New Articles (5)

Protos Labs Challenges Threat Intel Market with Freemium Agentic AI Platform

INFORMATIONAL

Protos Labs Unveils Freemium AI-Powered Threat Intelligence Platform at RSAC 2026

Singapore-based Protos Labs has launched a freemium edition of its Protos AI platform at RSA Conference 2026, aiming to disrupt the traditional cyber threat intelligence (CTI) market. The platform utilizes specialized, coordinated AI agents to automate the entire CTI lifecycle, from planning and evidence collection to analysis and reporting. By offering a freemium tier, Protos Labs seeks to democratize access to advanced CTI capabilities for smaller organizations while allowing large enterprises to augment their existing security teams. The solution is designed to be vendor-agnostic, integrating with existing security stacks and supporting multiple LLMs, including those from Azure OpenAI, Anthropic, and Google Gemini.

March 26, 2026
3 min read
AIagentic AIthreat intelligenceCTIRSAC +1 more
Protos Labs Challenges Threat Intel Market with Freemium Agentic AI Platform

Ontario Enforces New Cybersecurity and Data Transparency Regulations for Public Sector

MEDIUM

Ontario Government Mandates New Cybersecurity Programs and Incident Reporting for Public Sector

The government of Ontario, Canada, has filed two new regulations, O. Reg. 51/26 and O. Reg. 52/26, which will come into force on July 1, 2026. These regulations impose significant new cybersecurity and data privacy obligations on public sector entities, including hospitals, universities, school boards, and children's aid societies. O. Reg. 51/26 mandates the establishment of a formal cybersecurity program, the designation of a senior leader responsible for cybersecurity, regular maturity assessments, and a 72-hour reporting deadline for critical incidents. O. Reg. 52/26 introduces new transparency requirements for school boards regarding the disclosure of student data to third-party software providers.

March 26, 2026
4 min read
regulationcompliancepublic sectorincident reportingdata privacy +1 more
Ontario Enforces New Cybersecurity and Data Transparency Regulations for Public Sector

Darktrace Replaces Security Training with 'Adaptive Human Defense'

INFORMATIONAL

Darktrace Launches AI-Powered, Real-Time Security Coaching to Combat Human Error

At RSA Conference 2026, AI cybersecurity firm Darktrace launched 'Adaptive Human Defense,' a new product that shifts away from traditional, scheduled security awareness training. Instead, the platform uses behavioral AI to monitor user actions in real-time and delivers personalized, contextual 'micro-coaching' sessions at the exact moment a risky behavior is detected, such as interacting with a suspicious email. The system creates a feedback loop with Darktrace's email security solution, using the coaching results to automatically tune security controls for each individual user, thereby creating a personalized defense that strengthens both human and technical layers simultaneously.

March 26, 2026
4 min read
AIsecurity awarenessphishingbehavioral AIRSAC +1 more
Darktrace Replaces Security Training with 'Adaptive Human Defense'

NetRise Launches 'Provenance' to Uncover Contributor Risk in Software Supply Chains

INFORMATIONAL

NetRise 'Provenance' Launched to Identify Risk from Open-Source Contributors

Software supply chain security firm NetRise has launched 'Provenance,' a new product announced at RSA Conference 2026 designed to identify risks associated with the individual contributors and organizations behind open-source components. Moving beyond traditional SBOMs and vulnerability scanning, Provenance provides intelligence on the people and entities writing the code that enterprises rely on. The tool helps organizations identify potentially malicious contributors, understand their 'blast radius' across the software ecosystem, and enforce policies based on contributor risk, such as geographic location, to meet compliance obligations like OFAC.

March 26, 2026
4 min read
supply chain securityopen sourceSBOMDevSecOpsRSAC +1 more
NetRise Launches 'Provenance' to Uncover Contributor Risk in Software Supply Chains

Co-op CEO Resigns as Cyber-Attack Fallout Leads to £126 Million Loss

HIGH

Co-op Group CEO Steps Down After Major Cyber-Attack Contributes to £126M Loss

Shirine Khoury-Haq, the chief executive of the UK's Co-op Group, is stepping down effective March 29, 2026. Her departure follows the company's announcement of a £126 million pre-tax loss for the year, a dramatic reversal from the previous year's profit. The company directly attributed a significant portion of this financial damage to a major cyber-attack in April 2025, which caused widespread disruption, including payment problems and product shortages. The incident reportedly had a direct impact of £285 million on revenues and contributed £107 million to the profit loss, serving as a stark case study on the severe, real-world business consequences of a major cyber incident.

March 26, 2026
4 min read
business impactfinancial lossretailCEOaccountability +1 more
Co-op CEO Resigns as Cyber-Attack Fallout Leads to £126 Million Loss

Updated Articles (1)

Cisco Firewall Zero-Day Exploited by Interlock Ransomware for Over a Month Before Patch

CRITICAL

Cisco FMC Flaw (CVE-2026-20131) Actively Exploited as Zero-Day in Interlock Ransomware Attacks

Update:

The critical Cisco Firewall zero-day (CVE-2026-20131) has now been officially assigned a CVSS score of 10.0, confirming its maximum severity. Cisco Security Cloud Control was also identified as an additional affected product. New details emerged regarding the Interlock ransomware group's operational security mistake, which aided in the discovery of their exploitation campaign. Furthermore, the update provides more granular cyber observables for detection, including specific URL patterns and context, along with expanded detection methods like integrity monitoring and threat hunting. Remediation steps now include explicit references to MITRE D3FEND and ATT&CK mitigations.

March 21, 2026
Updated: March 26, 2026
4 min read
zero-dayinsecure deserializationransomwareKEVCISA +2 more
Cisco Firewall Zero-Day Exploited by Interlock Ransomware for Over a Month Before Patch

📢 Share This Publication

Help others stay informed about cybersecurity threats

📅 Daily Edition

Curated and deduplicated every day from dozens of trusted sources — giving you one clean, consolidated view of what matters in cybersecurity.

🔢 Deduplication Applied

Related stories are merged into a single evolving article rather than repeated as separate entries — cutting through noise so you only read what's new.

🔗 Full Articles Linked

Every entry links to its full enriched article — complete with MITRE ATT&CK mappings, extracted IOCs, and actionable detection and mitigation guidance.