follow.it gives you an easy way to subscribe to Phoenix Security's news feed! Click on Follow below and we deliver the updates you want via email, phone or you can read them here on the website on your own news page.
You can also unsubscribe anytime painlessly. You can even combine feeds from Phoenix Security with other site's feeds!
Title: Phoenix Security - FIX Vulnerability with context from appsec to cloud security
Is this your feed? Claim it!
Phoenix Security confirmed three command injection vulnerabilities in Anthropic's Claude Code CLI — all sharing the same root cause — with runtime proof-of-concept showing full credential exfiltration from CI/CD pipelines in non-interactive mode where the only trust gate is intentionally absent.
The post
Phoenix ships workflow automation, a rebuilt Remedies screen, container deduplication, and Azure connectors — so security teams spend less time managing findings and more time closing them.
The post Remediation, Rebuilt appeared first on
One of the most widely used npm packages — axios — was compromised via a hijacked maintainer account on March 31, 2026. Versions 1.14.1 and 0.30.4 contain a hidden dependency that deploys a cross-platform remote access trojan in under 15 seconds. No CVE assigned. Traditional scanners will not catch it.
The post
TeamPCP hid a credential stealer inside a WAV audio file — invisible to static analysis — and used tokens stolen from litellm three days earlier to publish it directly to PyPI, bypassing GitHub entirely.
The post TeamPCP...
Day 6 of TeamPCP Attack. TeamPCP has crossed the Rubicon from CI/CD tooling into production AI infrastructure. LiteLLM versions 1.82.7 and 1.82.8 on PyPI contain a three-stage credential stealer that harvests SSH keys, cloud secrets, and Kubernetes tokens, deploys privileged pods across every node in your cluster, and installs a persistent backdoor polling for additional payl...