NIST Updates DNS Security, PyPI Packages Compromised

Summary
– NIST updated its DNS security guidance for the first time in over a decade, focusing on using DNS as a security control, securing the protocol, and protecting infrastructure.
– A critical remote code execution vulnerability (CVE-2025-53521) in F5’s BIG-IP APM is under active exploitation according to CISA.
– The TeamPCP cybercriminal group conducted supply chain attacks, compromising PyPI packages like telnyx and LiteLLM to deliver malware.
– A Russian national was sentenced to 81 months in prison for helping ransomware groups, causing over $9 million in actual losses.
– The US FCC banned all new foreign-made routers from import and sale, citing an unacceptable national security risk.
The cybersecurity landscape continues to evolve at a breakneck pace, with critical vulnerabilities and supply chain attacks dominating this week's threats. The National Institute of Standards and Technology (NIST) has issued its first major update to DNS security guidance in over twelve years, a significant revision reflecting how foundational yet often overlooked this protocol remains for organizational security. The new guide, SP 800-81r3, shifts focus toward using DNS as an active security control while also detailing how to secure the protocol and its underlying infrastructure.
Active exploitation is underway for a severe flaw in F5’s BIG-IP Access Policy Manager, tracked as CVE-2025-53521. The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that this unauthenticated remote code execution vulnerability poses an immediate risk, urging administrators to patch promptly. Meanwhile, the criminal group TeamPCP has expanded its campaign of PyPI package compromises, with malicious versions of the popular LiteLLM library discovered on the Python repository. These packages contained a credential stealer and malware dropper, continuing a pattern of targeting widely used open-source tools.
A parallel concern is the fragmented state of post-quantum cryptography adoption. Experts note a widening gap between organizations that have achieved genuine crypto-agility in their infrastructure and those merely using the term without the underlying capability. This disparity creates significant risk as quantum threats advance, including the danger of store-now-decrypt-later attacks where encrypted data is harvested today for future decryption. Google has outlined an ambitious 2029 timeline for its own post-quantum cryptography migration, highlighting the urgency for enterprise planning.
In the realm of AI security, a pressing issue is the lack of governance for AI agent access. A recent survey reveals that most organizations have agents operating in core systems, yet nobody clearly owns how these agents authenticate or what data they can access. This data-layer risk represents a profound security gap, as autonomous agents move and combine sensitive information with little oversight. Simultaneously, researchers have demonstrated ProAttack, a nearly undetectable prompt-based backdoor attack on large language models that can achieve a 100% success rate with only a handful of poisoned samples, underscoring vulnerabilities in standard prompt engineering practices.
CISA has added two new flaws to its Known Exploited Vulnerabilities catalog, signaling rapid weaponization. These include a code injection bug in the Langflow AI framework and an embedded malicious code vulnerability in Aqua Security’s Trivy scanner. On the defensive front, GitHub is enhancing its native security with AI-powered detections to identify risks earlier in the development lifecycle, a move aimed at reducing the secrets sprawl that saw over 28 million new hardcoded credentials exposed in public commits last year.
Hardware and infrastructure security also saw major developments. The US Federal Communications Commission (FCC) has banned the import and sale of all new foreign-made routers, citing an unacceptable national security risk. In enterprise environments, Forescout’s 2026 Riskiest Devices research identifies eleven new asset types that are expanding the attack surface, many of which are difficult to inventory and patch. Attackers are capitalizing on this complexity, with Mandiant’s M-Trends 2026 report finding that exploits remain the top entry point and that internal hand-offs between threat actors now occur in as little as 22 seconds.
The legal consequences for cybercrime are intensifying. A Russian national was sentenced to 81 months in prison for acting as an initial access broker for ransomware groups, facilitating attacks that caused millions in losses. In a separate case, a botnet operator behind $14 million in ransomware extortion was sentenced to 24 months. These prosecutions highlight growing international law enforcement focus on dismantling the ecosystems that enable major attacks.
Finally, the industry continues to innovate under pressure. NVIDIA has donated its Dynamic Resource Allocation (DRA) Driver for GPUs to the Cloud Native Computing Foundation, putting critical GPU orchestration tooling into community hands. For penetration testers, Kali Linux 2026.1 has shipped with a new BackTrack-inspired mode and several tool updates. However, a persistent challenge remains: one in five enterprise endpoints operates outside a protected state daily, a statistic unchanged despite increased security spending, revealing a deep disconnect between security investments and measurable resilience.
(Source: Help Net Security)