Mastodawn

US-Regierung versus #Anthropic: Berufung gegen Sanktionsstopp | heise online https://www.heise.de/news/US-Regierung-versus-Anthropic-Berufung-gegen-Sanktionsstopp-11245632.html #AnthropicPentagon #Pentagon #SupplyChainRisk

US-Regierung versus Anthropic: Berufung gegen Sanktionsstopp

KI-Entwickler Anthropic wehrte sich zunächst mit Erfolg gegen Sanktionen der Trump-Regierung. Die setzt nun zum Gegenschlag an.

heise online

Manuel Bissey 5d ago

A backdoored Axios npm package delivered a RAT - another reminder that even trusted libraries can turn into attack vectors. Verify before you trust. 📦⚠️ #OpenSourceSecurity #SupplyChainRisk

https://www.theregister.com/2026/03/31/axios_npm_backdoor_rat/

Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines

: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios

The Register

Techdirt Mar 27

Hegseth’s War On Anthropic Encounters The First Amendment

https://fed.brid.gy/r/https://www.techdirt.com/2026/03/27/hegseths-war-on-anthropic-encounters-the-first-amendment/

Hegseth’s War On Anthropic Encounters The First Amendment

The expression, “to make a federal case out of something” usually describes making a bigger deal out of something than it should be. But in the case of Anthropic and Hegseth, Trump, and the Departm…

Techdirt

Bug Bounty Shorts Mar 27

How a Routine Security Review Turned Into a Full Supply Chain Risk Discovery
This article discusses an XSS (Cross-Site Scripting) vulnerability within an enterprise application, which led to the exposure of its entire supply chain. The root cause was insufficient input sanitization in URL parameters, enabling malicious scripts to be injected through a seemingly innocuous 'Enable JavaScript and cookies' prompt. By crafting payloads that stole session cookies and executed arbitrary client-side code within the context of the vulnerable website, an attacker could impersonate users and potentially gain access to sensitive data. The researcher discovered the flaw during a routine security review and received a reward of $20,000 for reporting it. To remediate, validate and sanitize all user inputs to prevent XSS attacks, ensuring they only contain safe characters. Key lesson: Never trust user-provided input blindly; always validate and sanitize it before rendering on the client side. #BugBounty #Cybersecurity #XSS #InputSanitization #SupplyChainRisk

https://medium.com/@mothersamantha/how-a-routine-security-review-turned-into-a-full-supply-chain-risk-discovery-02cac53fe174?source=rss------bug_bounty-5

How a Routine Security Review Turned Into a Full Supply Chain Risk Discovery

I spend a lot of time looking at how real applications behave in the browser. Recently, during a routine review of a retail platform, I ran…

Medium

ml4den Mar 27

This week’s cybersecurity landscape brought a wave of critical vulnerabilities being weaponised faster than ever, leaving little time for defenders to respond.

#Cybersecurity #AIsecurity #NationStateIntrusion #SupplyChainRisk

https://cybernewsweekly.substack.com/p/cybersecurity-news-review-week-13-088

Cybersecurity News Review - Week 13 (2026)

This week’s cybersecurity landscape brought a wave of critical vulnerabilities being weaponised faster than ever, leaving little time for defenders to respond.

Cybersecurity News Weekly

Benjamin Carr, Ph.D. 👨🏻‍💻🧬Mar 25

A federal judge on Tuesday called the #Pentagon's treatment of #Anthropic "troubling" as the AI company urged the court to pause the Trump administration's designation of the company as a #supplychainrisk.
#US District Judge Rita Lin referred to three Trump admin actions: President Trump's ban on Anthropic, #DefenseSecretary #PeteHegseth's requirement that Pentagon contractors cut commercial ties with the company, and Anthropic's designation as a supply chain risk.
https://www.axios.com/2026/03/24/judge-pentagon-anthropic-troubling #AI

Judge questions Pentagon's "troubling" Anthropic actions

"It looks like an attempt to cripple Anthropic," said U.S. District Judge Rita Lin.

Axios

Manuel Bissey Mar 25

Over 1,000 cloud environments were infected following a supply-chain compromise — one weak link, massive blast radius. Cloud scale amplifies everything. ☁️💥 #SupplyChainRisk #CloudSecurity

https://www.theregister.com/2026/03/24/1k_cloud_environments_infected_following/

1K+ cloud environments infected following Trivy supply chain attack

RSAC 2026: Crims 'creating a snowball effect' across open source projects

The Register

Global News Mar 24

Pentagon blacklisting Anthropic looked like punishment for AI stance: judge
Anthropic’s lawsuit alleges that U.S. Defense Secretary Pete Hegseth overstepped his authority when he designated Anthropic a national security supply-chain risk.
#Tech #USNews #Anthropic #ArtificialIntelligence
https://globalnews.ca/news/11744456/anthropic-ai-safety-pentagon-lawsuit-judge/

Global News National Mar 24

Pentagon blacklisting Anthropic looked like punishment for AI stance: judge
Anthropic’s lawsuit alleges that U.S. Defense Secretary Pete Hegseth overstepped his authority when he designated Anthropic a national security supply-chain risk.
#Tech #USNews #Anthropic #ArtificialIntelligence
https://globalnews.ca/news/11744456/anthropic-ai-safety-pentagon-lawsuit-judge/

Global News US News Mar 24

Pentagon blacklisting Anthropic looked like punishment for AI stance: judge
Anthropic’s lawsuit alleges that U.S. Defense Secretary Pete Hegseth overstepped his authority when he designated Anthropic a national security supply-chain risk.
#Tech #USNews #Anthropic #ArtificialIntelligence
https://globalnews.ca/news/11744456/anthropic-ai-safety-pentagon-lawsuit-judge/