Cybersecurity threats have surged with a diverse array of incidents over the past 48 hours. This report consolidates the latest incidents and alerts, highlighting critical threats such as supply chain attacks, corporate fraud, ransomware, and data breaches. The analysis provides actionable recommendations and references to original sources for a comprehensive understanding.
Supply Chain Attacks
Supply Chain Attacks have surged in March 2026, targeting widely used open-source packages. Two major incidents involved the Axios NPM package and LiteLLM PyPI library, both attributed to threat actors TeamPCP and Lapsus$. On March 30, 2026, the Axios NPM package was compromised via an account takeover attack, injecting a hidden dependency that acted as a cross-platform Remote Access Trojan (RAT) dropper. The LiteLLM attack compromised Mercor, a $10B AI startup, accessing AI training workflows and internal communications. Zscaler detects compromised packages with threat names such as JS.Malicious.npmpackage and Python.RAT.npmpackage.
Corporate WhatsApp Fraud
Corporate WhatsApp Fraud in Hyderabad targets CEOs, CFOs, and accountants via phishing emails and malware. Scammers hijack active WhatsApp Web sessions to send urgent payment requests, transferring crores of rupees to mule accounts. The Hyderabad Police advise implementing strict verification protocols and logging out of WhatsApp Web post-use. For more information, refer to the Telangana Today report.
Interstate Cyber Fraud Gang
An interstate cyber fraud gang was busted in Varanasi, duping victims via Telegram under the guise of investment, trading, and gaming. The gang lured victims with lucrative offers and recruited mule account holders to route Rs 67 crore in fraudulent transactions. The gang used APK files to auto-forward OTPs and earned commissions in cryptocurrency. The Ghazipur Police seized 19 SIM cards, 12 ATM cards, 5 passbooks, chequebooks, stamps/seals, GST/MSME documents, and confiscated Rs 2.5 crore and Rs 1.75 crore from two accused. For more details, refer to the Times of India report.
The gang’s modus operandi involved targeting individuals in need of cash, using their Aadhaar/PAN to open MSME/GST-registered current accounts. They shared account credentials via Telegram for illegal transactions, routing funds through crypto trading platforms. Alerts were issued to Cyber Crime HQ (Lucknow) and MHA due to pan-India operations. This incident highlights the rising trend of multi-state scams and the need for vigilant financial fraud detection. Cyber scams and financial frauds continue to be a significant threat, requiring robust cybersecurity measures and public awareness.
Qilin Ransomware Attack on Die Linke
The Qilin group, known for its sophisticated ransomware attacks, targeted the German political party Die Linke. The attack resulted in the theft of 1.5 TB of data, including internal communications, administrative files, and personal data. Although the membership and donation databases were reportedly unaffected, the breach underscores the vulnerability of political entities to cyber threats. Die Linke has notified data protection authorities and law enforcement, and has engaged forensic specialists to assess the scope of the attack. The party is also beginning to notify affected individuals. This incident highlights the need for robust cybersecurity measures in political organizations to safeguard sensitive data and maintain public trust.
Final words
The past 48 hours have seen a diverse and sophisticated array of cyber threats, from supply chain compromises to corporate fraud and ransomware. Key trends include exploitation of open-source ecosystems, social engineering, cryptocurrency-enabled fraud, and AI supply chain risks. Stay vigilant and refer to the linked articles for detailed guidance. Contact us for more information.