Armored Likho BusySnake Stealer, a Python-based infostealer first disclosed by Kaspersky, is actively targeting government ...
Kaspersky says the attacks use phishing, GitHub-hosted payloads, CVE-2025-9491 LNK abuse, and Go2Tunnel-based tunneling.
Jamf says the Rust-based PamStealer targets Apple Silicon Macs, steals browser, wallet, Keychain, and clipboard data, and persists.
Researchers have found a never-before-seen piece of macOS malware that combines a series of clever tradecraft to infect Macs ...
From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet
June 19, 2026 update: Microsoft assesses with high confidence that this activity is attributable to Sapphire Sleet, a North Korean state actor that primarily targets the financial sector. The ...
- Bulk-registered DGA-style lure domains - all eight landing sites share the “588gj” prefix and with .shop TLD registered on 2025-09-08. - All these .shop pages redirects to ...
Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware hosted on Hugging Face Spaces. Attacks leveraging the remote code ...
On Monday, the Axios npm supply chain attack came to light where malicious packages had been inserted into one of JavaScript’s most widely used libraries. Three major threat intelligence firms have ...
Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked maintainer account is behind the attack. The compromised versions silently ...
With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how quickly a compromised package can propagate through the ecosystem. Attackers ...
On 2026-03-31, an unknown threat actor compromised the npm account of jasonsaayman, the primary maintainer of axios. The attacker changed the account email to ifstap@proton[.]me and manually published ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results