malware 64

• FortiClient EMS Auth Bypass CVE-2026-35616 Actively Exploited to Deploy EKZ Credential Stealer May 28, 2026
• Malicious npm Package Exfiltrated Files from Claude AI User Directories May 27, 2026
• Attackers Use AI Chatbot Responses to Deliver Cryptojacking Malware May 27, 2026
• MuddyWater Uses DLL Side-Loading in Global Espionage Campaign Hitting 9 Countries May 26, 2026
• KnowledgeDeliver LMS Zero-Day Exploited to Deploy Godzilla Web Shell and Cobalt Strike May 25, 2026
• Laravel-Lang Packages Poisoned to Exfiltrate CI Secrets May 25, 2026
• Lazarus Group Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms May 25, 2026
• Megalodon Supply Chain Attack Infects 5,500+ GitHub Repositories May 25, 2026
• Packagist Supply Chain Attack Injects Linux Malware Into 8 Composer Packages May 23, 2026
• Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer May 23, 2026
• Reaper macOS Malware and Two Microsoft Defender Zero-Days Exploited in the Wild May 22, 2026
• Iranian APT Screening Serpens Uses AppDomainManager Hijacking in 2026 Espionage Campaigns May 22, 2026
• Megalodon GitHub Attack Injects Malicious CI/CD Workflows into 5,561 Repos May 22, 2026
• Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack May 20, 2026
• Unit 42: TamperedChef Clusters Deliver Stealthy Payloads via Trojanized Productivity Apps May 20, 2026
• GitHub Confirms 3,800 Internal Repos Breached via Malicious VS Code Extension May 20, 2026
• Microsoft Disrupts Fox Tempest Malware-Signing-as-a-Service Platform May 19, 2026
• New Shai-Hulud Wave Compromises 600+ npm Packages in Fresh Supply Chain Hit May 19, 2026
• node-ipc npm Package Compromised in Supply Chain Attack to Steal Credentials May 15, 2026
• TanStack Supply Chain Attack Compromised Two OpenAI Employee Devices, Credentials Stolen May 15, 2026
• TeamPCP Releases Shai-Hulud Worm Source Code, Invites Supply Chain Attacks with Monetary Rewards May 15, 2026
• Hugging Face Model Tokenizer Files Can Be Weaponized to Hijack Outputs and Exfiltrate Data May 12, 2026
• Official Checkmarx Jenkins AST Plugin Backdoored with Infostealer May 11, 2026
• GhostLock PoC: Legitimate Windows File API Abused to Block Local and SMB File Access May 11, 2026
• JDownloader Website Compromised to Distribute Python RAT via Malicious Installers May 9, 2026
• VoidStealer Trojan Bypasses Chrome App-Bound Encryption to Steal Credentials May 6, 2026
• CloudZ RAT Abuses Windows Phone Link to Steal Credentials and Bypass 2FA May 6, 2026
• DAEMON Tools Supply Chain Attack Hits Government and Scientific Targets May 6, 2026
• New Quasar Linux Malware Targets Software Developers with Rootkit and Backdoor May 5, 2026
• DAEMON Tools Official Installers Backdoored in Supply Chain Attack May 5, 2026
• ScarCruft Compromises Gaming Platform to Deploy BirdCall Backdoor on Android and Windows May 5, 2026
• Backdoored PyTorch Lightning Package on PyPI Delivers Credential Stealer May 4, 2026
• DigiCert Support Portal Hacked via Malware; Certificates Revoked May 4, 2026
• Hugging Face and ClawHub Abused as Malware Distribution Platforms May 1, 2026
• TeamPCP 'Mini Shai-Hulud' Supply Chain Attack Hits SAP npm Packages May 1, 2026
• PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials Apr 30, 2026
• WordPress Redirect Plugin Hid Dormant Backdoor for Five Years Across 70,000 Sites Apr 29, 2026
• SAP npm Packages Compromised in Credential-Stealing Supply Chain Attack Apr 29, 2026
• Vect 2.0 Ransomware Behaves as Wiper Due to Encryption Design Flaw Apr 29, 2026
• DPRK Threat Actors Use Claude Opus to Plant Malicious npm Packages Apr 29, 2026
• PyPI Package 'elementary-data' with 1.1M Monthly Downloads Backdoored to Steal Credentials Apr 27, 2026
• 73 Fake VS Code Extensions on Open VSX Deliver GlassWorm v2 Infostealer Apr 27, 2026
• Unit 42 Maps npm Attack Surface: Wormable Malware, CI/CD Persistence, and Multi-Stage Chains Apr 24, 2026
• China-Backed Hackers Are Industrializing Botnet Operations for Low-Attribution Attacks Apr 24, 2026
• Bitwarden npm Supply Chain Attack Attributed to TeamPCP; Shai-Hulud Worm Component Identified Apr 24, 2026
• Cisco Talos Documents macOS Living-Off-the-Land Techniques Using Native OS Primitives Apr 21, 2026
• KelpDAO Suffers $290 Million Heist Tied to Lazarus Hackers Apr 20, 2026
• 26 Malicious Crypto Wallet Apps Found in China's Apple App Store Apr 20, 2026
• Gentlemen Ransomware Integrates SystemBC for Bot-Powered Corporate Attacks Apr 20, 2026
• 30+ EssentialPlugin WordPress Plugins Backdoored in Supply Chain Compromise Apr 15, 2026
• Threat Actors Abusing n8n Agentic AI Workflow Platform in Email Attack Campaigns Apr 15, 2026
• 100+ Malicious Chrome Extensions in Web Store Steal Google OAuth Tokens and Deploy Backdoors Apr 14, 2026
• ShinyHunters Leaks Rockstar Games Analytics Data Stolen via Anodot Breach Apr 13, 2026
• OpenAI Rotates macOS Code-Signing Certs After North Korea-Linked Axios Supply Chain Attack Apr 13, 2026
• APT41 Deploys Zero-Detection Backdoor to Harvest Cloud Credentials via Typosquatting C2 Apr 13, 2026
• Fake Claude Website Delivers PlugX RAT via DLL Sideloading Apr 13, 2026
• CPUID Supply Chain Attack Poisons CPU-Z and HWMonitor Downloads Apr 10, 2026
• Smart Slider 3 Pro Update System Hijacked to Deliver Backdoored WordPress and Joomla Versions Apr 9, 2026
• ClipBanker Malware Distributed via Trojanized Proxifier in Multi-Stage Attack Chain Apr 9, 2026
• Russia's APT28 Conducts Malwareless Espionage via SOHO Router DNS Hijack Apr 8, 2026
• SVG Pixel Trick Hides Credit Card Skimmer Across Nearly 100 Magento Stores Apr 8, 2026
• Atomic Stealer Delivered to macOS Users via ClickFix Script Editor Attack Apr 8, 2026
• Chaos Botnet Variant Expands to Misconfigured Cloud Deployments, Adds SOCKS Proxy Apr 8, 2026
• LiteLLM Supply Chain Attack — PyPI Packages Compromised Apr 8, 2026