TH
HIGH
Threat Intel
Romanian National Pleads Guilty to Initial Access Brokerage Targeting Oregon State Infrastructure
Catalin Dragomir admitted to harvesting and selling unauthorized administrative credentials for an Oregon state government network, highlighting the persistent threat of Initial Access Brokers (IABs).
Runtime Rebel Intel
2 min read·Feb 23, 2026

HIGH
Supply Chain
SANDWORM_MODE: Malicious npm Cluster Automates Secret Harvesting and Crypto Theft
Security researchers have identified a coordinated campaign involving 19 malicious npm packages designed to exfiltrate CI/CD secrets, API tokens, and private cryptocurrency keys.
Runtime Rebel Intel
2 min read·Feb 23, 2026