Advertisement

NastyC2 npm Packages, AI Abuse & macOS Threats Identified
Analysis of NastyC2 npm supply chain attacks, Claude chat abuse for malware, memory-resident macOS threats, and device-code phishing.

400+ Arch Linux AUR Packages Hijacked: eBPF Rootkit and Infostealer
Attackers compromised over 400 Arch User Repository (AUR) packages to deploy Rust-based infostealers and eBPF rootkits, targeting developer credentials.
AUR Compromise: 400+ Packages Distributing Rootkits and Infostealers
Over 400 Arch User Repository (AUR) packages compromised to deploy Linux rootkits and harvest credentials, tokens, and sensitive developer data.

Agentjacking: Tricking AI Coding Agents into Malicious Code Execution
Agentjacking is a new attack where crafted Sentry error reports trick AI coding agents into executing arbitrary code on developer systems, risking intellectual property

OceanLotus Targets Vietnam with SPECTRALVIPER Backdoor in FireAnt Attack
OceanLotus APT targets Vietnamese infrastructure and stock investors with SPECTRALVIPER backdoor in multi-year cyber espionage and supply chain campaigns.

Miasma Compromises 73 Microsoft GitHub Repos: Incident Analysis
Microsoft restores some GitHub repositories after 73 projects were hit by Miasma's supply chain attack to inject information stealers. Learn detection steps.
Shai-Hulud Attack: Trojanized PyPI Packages Steal Developer Secrets
New Shai-Hulud supply chain attack compromises 19 science-focused PyPI packages, distributing malware to steal developer credentials and secrets.
TeamPCP Campaign Update: Mini Shai-Hulud Framework Gains Adoption
Analysis of the TeamPCP supply chain campaign, the open-sourcing of the Mini Shai-Hulud framework, and its adoption by diverse threat actor groups in 2026.
Toshiba and Muji Impacted by Polyfill Supply Chain Attack
Toshiba and Muji have warned of malicious login prompts appearing on their sites. This follows the takeover of the Polyfill.io domain used for script injection.

IronWorm: Rust-Written Malware Hits npm Supply Chain Developers
Analysis of the Rust-written IronWorm malware targeting npm supply chain developers. Learn how it steals credentials and propagates, and discover essential mitigation
Hola Browser for Windows Compromised: Cryptominer Delivery via Supply Chain
Critical alert: Hola Browser for Windows compromised in a supply chain attack, delivering an undeclared cryptominer. Learn to detect and mitigate the threat.
Red Hat npm Supply Chain Compromise: Miasma Steals Dev Credentials
Over 30 Red Hat npm packages under @redhat-cloud-services were compromised in a supply chain attack distributing Miasma malware to steal developer credentials.