node-ipc npm Package Compromised With Credential Stealer
Malicious node-ipc versions 9.1.6, 9.2.3, and 12.0.1 were published to npm with a credential-stealing CommonJS payload. Check lockfiles, CI logs, and egress for the new indicators.
News desk
Security News
Security incidents, exploited vulnerabilities, breach reports, malware campaigns, and urgent patch notes arranged for fast daily scanning.
June 24, 2026
Latest reports
Microsoft Word Preview Pane RCE Bugs Put Outlook Users at Risk
Microsoft patched two critical Word RCE bugs where the Preview Pane is an attack vector, making Office updates urgent for Outlook and Microsoft 365…
Fortinet Fixes Critical RCE Flaws in FortiAuthenticator and FortiSandbox
Fortinet patched critical unauthenticated RCE flaws in FortiAuthenticator and FortiSandbox, making exposure review and fast version checks a priority for security appliance admins.
RubyGems Pauses Signups After Malicious Package Attack
RubyGems disabled new account registration after reports of hundreds of malicious packages, making recent Ruby dependency changes and CI caches worth immediate review.
Exim CVE-2026-45185 Dead.Letter Can Lead to Mail Server RCE
Exim 4.99.3 fixes CVE-2026-45185 Dead.Letter, a GnuTLS/BDAT use-after-free that can expose internet-facing mail servers to potential remote code execution.
Mini Shai-Hulud Hits TanStack npm Packages With Signed Malware
Mini Shai-Hulud abused trusted publishing to ship malicious TanStack npm packages with valid provenance, turning package installs into a token-exposure incident for CI and…
TrickMo.C Android Banker Turns Phones Into Proxy Nodes
TrickMo.C moves Android banking malware control to TON/.adnl and adds proxy/pivot features, turning infected phones into traffic-exit nodes for fraud.
Checkmarx Jenkins Plugin Compromise Put CI Secrets at Risk
A rogue Checkmarx AST Scanner Jenkins plugin release put CI/CD source code and secrets at risk. Teams should verify plugin versions, mirrors, caches, and…
cPanel CVE-2026-41940 Exploited to Drop Filemanager Backdoor
Attackers are exploiting cPanel & WHM CVE-2026-41940 to deploy a Filemanager backdoor, steal credentials, and maintain access on hosting servers.