SANS Stormcast Thursday, March 26th, 2026: Apple Patches; SmatApeSG Update; Trivy/LiteLLM/TeamPCP Update; Google Accelerates Quantum Save Crypto Rollout

The latest Apple security update addressed 85 distinct vulnerabilities across iOS, macOS, and watchOS. iOS 18 received patches, while macOS versions 14, 15, and 26 were all covered. Notably, the watchOS updates for versions 26 and two older releases did not contain any security fixes, leaving those devices potentially exposed to previously disclosed exploits that have historically migrated from targeted spyware to broader malware. Although none of the newly patched flaws are known to be actively exploited, the advisory reinforces the industry‑wide best practice of applying updates promptly to reduce attack surface.

The discussion then shifted to the LiteLLM supply‑chain incident and Team PCP’s credential hoard. Experts emphasized immediate credential rotation for any affected or suspect deployments, recommending automation to avoid the manual errors that plagued earlier compromises. Michael Rosenfeld’s blog highlighted the pitfalls of pinning to static Git SHA hashes, urging developers to implement robust secret‑management pipelines. Team PCP reportedly holds roughly 300 GB of credential data, illustrating how credential sprawl can become a treasure trove for attackers. Continuous rotation and centralized secret vaults are now essential controls for organizations running AI‑enabled tooling.

Google announced an accelerated roadmap to quantum‑safe cryptography, targeting full deployment by 2029. The move reflects growing concerns that future quantum computers could break today’s public‑key algorithms, prompting major platforms such as Android and Chrome to prepare for post‑quantum standards. For enterprises, the timeline suggests that by the early 2030s, quantum‑resistant libraries will be widely available, enabling a phased migration without disruptive overhauls. Companies should begin evaluating post‑quantum algorithms, updating key‑management policies, and testing interoperability to stay ahead of the emerging cryptographic landscape.