Glassworm Botnet Infrastructure Disrupted: Solana and DHT C2 Analysis
Researchers disrupt the Glassworm botnet, which utilized Solana blockchain and BitTorrent DHT for resilient C2 to target software developers.

Laravel-Lang PHP Packages Compromised: Credential Stealer Alert
Multiple Laravel-Lang PHP packages have been compromised to deliver a cross-platform credential stealer. Learn how to detect and mitigate this supply chain threat.

Linux Rootkits and Router Zero-Day Exploits: ThreatsDay Analysis
Recent intelligence highlights a surge in Linux rootkits and router zero-day vulnerabilities targeting trusted system components and AI-driven intrusions.

GitHub Repository Breach Linked to TanStack Supply Chain Attack
GitHub confirms the breach of 3,800 internal repositories via a compromised VS Code extension linked to the TanStack npm supply chain attack.

GitHub Actions Supply Chain Attack: actions-cool/issues-helper
Analysis of the actions-cool/issues-helper supply chain attack where tags were redirected to steal credentials. Learn how to detect and mitigate this threat.

Shai-Hulud Infostealer Surfaces in Malicious npm Package Campaign
Leaked Shai-Hulud malware is targeting Node.js developers via malicious npm packages, exfiltrating sensitive data and credentials to Telegram-based C2.

Microsoft Exchange Zero-Day and npm Supply Chain Worm Under Active Use
Critical security briefing on the active exploitation of an Exchange Server zero-day, npm supply chain worms, and Cisco network control vulnerabilities.

RubyGems Signups Suspended Amid Massive Malicious Package Attack
RubyGems halts new registrations after hundreds of malicious packages flood the registry, signaling a major supply chain security threat for Ruby developers.

Mini Shai-Hulud Worm Compromises TanStack and Mistral AI Packages
TeamPCP actor compromises major npm and PyPI packages including TanStack and Mistral AI via the Mini Shai-Hulud worm, deploying profiling malware.

PyPI Supply Chain Threat: Deceptive Packages Target Developers
Analysis of malicious Python packages such as cryptography-util using deceptive naming to exfiltrate Discord tokens and system metadata via webhooks.

JDownloader Site Compromise: Python RAT Distribution Analysis
Attackers compromised JDownloader's site to distribute malicious installers containing a Python-based RAT. Learn how to detect and mitigate this threat.

Microsoft Edge Plaintext Password Exposure and ICS Zero-Day Risks
Analysis of Microsoft Edge plaintext password storage risks, newly disclosed ICS zero-day vulnerabilities, and Telegram-based data exfiltration TTPs.