malware 91
- Fake IT Support Calls on Microsoft Teams Deliver EtherRAT Malware
- AI-Generated Browser Ransomware Abuses Chromium API
- New 'Mistic' RAT Opens Door to Several Ransomware Families
- StrikeShark Campaign Delivers Cobalt Strike via SharkLoader
- ShapedPlugin WordPress Pro Plugins Backdoored in Supply Chain Attack
- New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer
- CryptoBandits Malware Combines Backdoor and Infostealer, Abuses Tor for C2
- 'Popa' Android Botnet Linked to Publicly-Traded Israeli Proxy Firm
- 144 Mastra npm Packages Compromised in Supply Chain Attack
- Supply Chain Attack Hits 1,500 Arch Linux AUR Packages
- DragonForce Ransomware Hides C2 Traffic Inside Microsoft Teams Infrastructure
- Trusted WordPress Plugin Scripts Tampered to Plant Hidden Admin Backdoors
- Microsoft GitHub Repos Compromised to Push Password-Stealing Malware (Miasma)
- Shai-Hulud / Hades Supply Chain Campaign Hits 100+ npm and PyPI Packages
- Chinese APT UNC5221 Deploys New Malware Families Plenet and AgentPSD Against Microsoft 365
- New Chinese Espionage Cluster OP-512 Targets IIS Servers With Custom Web Shell Framework
- PCPJack Hijacks 230 AWS, Azure, and GCP Servers to Build Covert SMTP Relay Network
- Rust-Written IronWorm Malware Hits NPM in Credential-Propagating Supply Chain Attack
- IronWorm Infostealer Hits 36 npm Packages in Supply-Chain Attack
- Pakistan-Linked Actor Deploys Xeno RAT Against Afghan Finance Ministry
- Argamal RAT Distributed via Infected Hentai Games
- AI-Built Ransomware Toolkit Automates EDR Evasion and Active Directory Discovery
- Gamaredon Exploits WinRAR CVE-2025-8088 to Deploy GammaWorm and GammaSteel Against Ukraine
- Russia's FSB Claims Foreign Intelligence Agencies Installed Malware on Senior Officials' Phones
- Operation FlutterBridge: macOS Malvertising Campaign Distributes New FlutterShell Backdoor
- Pakistan-Linked SideCopy Deploys Xeno RAT Against Afghanistan Finance Ministry
- SideCopy Targets Afghanistan Finance Ministry with Xeno RAT via Pashto-Language Spear Phishing
- FortiClient EMS Auth Bypass CVE-2026-35616 Actively Exploited to Deploy EKZ Credential Stealer
- Malicious npm Package Exfiltrated Files from Claude AI User Directories
- Attackers Use AI Chatbot Responses to Deliver Cryptojacking Malware
- MuddyWater Uses DLL Side-Loading in Global Espionage Campaign Hitting 9 Countries
- KnowledgeDeliver LMS Zero-Day Exploited to Deploy Godzilla Web Shell and Cobalt Strike
- Laravel-Lang Packages Poisoned to Exfiltrate CI Secrets
- Lazarus Group Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms
- Megalodon Supply Chain Attack Infects 5,500+ GitHub Repositories
- Packagist Supply Chain Attack Injects Linux Malware Into 8 Composer Packages
- Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer
- Reaper macOS Malware and Two Microsoft Defender Zero-Days Exploited in the Wild
- Iranian APT Screening Serpens Uses AppDomainManager Hijacking in 2026 Espionage Campaigns
- Megalodon GitHub Attack Injects Malicious CI/CD Workflows into 5,561 Repos
- Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack
- Unit 42: TamperedChef Clusters Deliver Stealthy Payloads via Trojanized Productivity Apps
- GitHub Confirms 3,800 Internal Repos Breached via Malicious VS Code Extension
- Microsoft Disrupts Fox Tempest Malware-Signing-as-a-Service Platform
- New Shai-Hulud Wave Compromises 600+ npm Packages in Fresh Supply Chain Hit
- node-ipc npm Package Compromised in Supply Chain Attack to Steal Credentials
- TanStack Supply Chain Attack Compromised Two OpenAI Employee Devices, Credentials Stolen
- TeamPCP Releases Shai-Hulud Worm Source Code, Invites Supply Chain Attacks with Monetary Rewards
- Hugging Face Model Tokenizer Files Can Be Weaponized to Hijack Outputs and Exfiltrate Data
- Official Checkmarx Jenkins AST Plugin Backdoored with Infostealer
- GhostLock PoC: Legitimate Windows File API Abused to Block Local and SMB File Access
- JDownloader Website Compromised to Distribute Python RAT via Malicious Installers
- VoidStealer Trojan Bypasses Chrome App-Bound Encryption to Steal Credentials
- CloudZ RAT Abuses Windows Phone Link to Steal Credentials and Bypass 2FA
- DAEMON Tools Supply Chain Attack Hits Government and Scientific Targets
- New Quasar Linux Malware Targets Software Developers with Rootkit and Backdoor
- DAEMON Tools Official Installers Backdoored in Supply Chain Attack
- ScarCruft Compromises Gaming Platform to Deploy BirdCall Backdoor on Android and Windows
- Backdoored PyTorch Lightning Package on PyPI Delivers Credential Stealer
- DigiCert Support Portal Hacked via Malware; Certificates Revoked
- Hugging Face and ClawHub Abused as Malware Distribution Platforms
- TeamPCP 'Mini Shai-Hulud' Supply Chain Attack Hits SAP npm Packages
- PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials
- WordPress Redirect Plugin Hid Dormant Backdoor for Five Years Across 70,000 Sites
- SAP npm Packages Compromised in Credential-Stealing Supply Chain Attack
- Vect 2.0 Ransomware Behaves as Wiper Due to Encryption Design Flaw
- DPRK Threat Actors Use Claude Opus to Plant Malicious npm Packages
- PyPI Package 'elementary-data' with 1.1M Monthly Downloads Backdoored to Steal Credentials
- 73 Fake VS Code Extensions on Open VSX Deliver GlassWorm v2 Infostealer
- Unit 42 Maps npm Attack Surface: Wormable Malware, CI/CD Persistence, and Multi-Stage Chains
- China-Backed Hackers Are Industrializing Botnet Operations for Low-Attribution Attacks
- Bitwarden npm Supply Chain Attack Attributed to TeamPCP; Shai-Hulud Worm Component Identified
- Cisco Talos Documents macOS Living-Off-the-Land Techniques Using Native OS Primitives
- KelpDAO Suffers $290 Million Heist Tied to Lazarus Hackers
- 26 Malicious Crypto Wallet Apps Found in China's Apple App Store
- Gentlemen Ransomware Integrates SystemBC for Bot-Powered Corporate Attacks
- 30+ EssentialPlugin WordPress Plugins Backdoored in Supply Chain Compromise
- Threat Actors Abusing n8n Agentic AI Workflow Platform in Email Attack Campaigns
- 100+ Malicious Chrome Extensions in Web Store Steal Google OAuth Tokens and Deploy Backdoors
- ShinyHunters Leaks Rockstar Games Analytics Data Stolen via Anodot Breach
- OpenAI Rotates macOS Code-Signing Certs After North Korea-Linked Axios Supply Chain Attack
- APT41 Deploys Zero-Detection Backdoor to Harvest Cloud Credentials via Typosquatting C2
- Fake Claude Website Delivers PlugX RAT via DLL Sideloading
- CPUID Supply Chain Attack Poisons CPU-Z and HWMonitor Downloads
- Smart Slider 3 Pro Update System Hijacked to Deliver Backdoored WordPress and Joomla Versions
- ClipBanker Malware Distributed via Trojanized Proxifier in Multi-Stage Attack Chain
- Russia's APT28 Conducts Malwareless Espionage via SOHO Router DNS Hijack
- SVG Pixel Trick Hides Credit Card Skimmer Across Nearly 100 Magento Stores
- Atomic Stealer Delivered to macOS Users via ClickFix Script Editor Attack
- Chaos Botnet Variant Expands to Misconfigured Cloud Deployments, Adds SOCKS Proxy
- LiteLLM Supply Chain Attack — PyPI Packages Compromised