OpenAI, Google, Meta—these names dominate headlines when we talk about large models and generative AI. But as AI moves from isolated model demos to always-on systems coordinating tasks at global scale, another player is making a decisive move: Arm. On March 24, 2026, Arm unveiled the Arm AGI CPU, a purpose-built silicon offering intended to be the rack-scale foundation for
LiteLLM Supply Chain Breach — 95M Downloads, Import-Time Backdoor, and What Teams Must Do Now
The Python package ecosystem suffered another high-impact supply chain compromise: LiteLLM — a popular library that routes requests across large language model providers and sees tens of millions of downloads — shipped malicious code in recent PyPI releases. Two versions published on March 24, 2026 (1.82.7 and 1.82.8) contained an import‑time backdoor that escalates into credential harvesting, lateral movement, and
Kali Linux 2026.1 Arrives — New Tools, NetHunter Breakthroughs, and a Nostalgic BackTrack Mode
Kali Linux’s first major release of 2026 lands with a mix of practical upgrades, fresh aesthetics, and a handful of features that will matter to both day-to-day penetration testers and mobile security researchers. Version 2026.1 brings a modernized look, an under‑the‑hood kernel bump, targeted NetHunter enhancements, and eight new offensive-security tools that expand Kali’s capabilities in post‑exploitation, web testing, and
Microsoft Issues Emergency Windows 11 Fix for Microsoft Account Sign-In Failures
Microsoft released an out-of-band update for Windows 11 (KB5085516) on March 21, 2026, to address a sign-in regression introduced by the March 10 cumulative update (KB5079473). Affected users reported being unable to authenticate into apps using personal Microsoft accounts: despite an active internet connection, the sign-in flow incorrectly displayed a “no Internet” error and blocked access to Microsoft services such
AstraZeneca Allegedly Targeted by LAPSUS$ — Claims of a 3GB Internal Data Dump
A known hacking collective identifying as LAPSUS$ has posted claims that it obtained and is attempting to sell a 3GB .tar.gz archive allegedly containing AstraZeneca internal data. As of the reports dated March 20, 2026, AstraZeneca had not issued a public statement confirming or denying the claim. What the threat actors presented The actors published teasers and screenshots on breach
Oracle Issues Urgent Security Update for Critical RCE in Identity Manager and Web Services Manager
Oracle has released an out-of-band security alert to address a critical remote code execution vulnerability, tracked as CVE-2026-21992, affecting Oracle Identity Manager and Oracle Web Services Manager. With a CVSS 3.1 base score of 9.8 and no authentication required, this is a high-risk flaw that can be exploited remotely over HTTP with minimal complexity. Organizations running internet-facing Fusion Middleware components