Operation Ramz Cuts Phishing and Malware Servers in MENA
INTERPOL says Operation Ramz led to 201 arrests and the seizure of…
SHub macOS Stealer Uses Fake Login Lures to Harvest Data
SentinelOne says SHub Reaper uses fake macOS security and login prompts to…
FrostyNeighbor Targets Ukraine With PDF Lures and PicassoLoader
ESET says FrostyNeighbor is using fake Ukrtelecom-themed PDF lures, Ukrainian geofencing, JavaScript…
Microsoft Details Kazuar Botnet Used by Secret Blizzard
Microsoft published a technical analysis of Kazuar, a modular Secret Blizzard botnet…
node-ipc npm Package Compromised With Credential Stealer
Malicious node-ipc versions 9.1.6, 9.2.3, and 12.0.1 were published to npm with…
KongTuke Uses Microsoft Teams Help-Desk Lures to Drop ModeloRAT
KongTuke moved from web-based ClickFix lures into external Microsoft Teams chats, using…
RubyGems Pauses Signups After Malicious Package Attack
RubyGems disabled new account registration after reports of hundreds of malicious packages,…
Mini Shai-Hulud Hits TanStack npm Packages With Signed Malware
Mini Shai-Hulud abused trusted publishing to ship malicious TanStack npm packages with…
TrickMo.C Android Banker Turns Phones Into Proxy Nodes
TrickMo.C moves Android banking malware control to TON/.adnl and adds proxy/pivot features,…
Checkmarx Jenkins Plugin Compromise Put CI Secrets at Risk
A rogue Checkmarx AST Scanner Jenkins plugin release put CI/CD source code…
cPanel CVE-2026-41940 Exploited to Drop Filemanager Backdoor
Attackers are exploiting cPanel & WHM CVE-2026-41940 to deploy a Filemanager backdoor,…
PamDOORa Linux PAM Backdoor Turns SSH Login Into a Trap
PamDOORa is a Linux PAM-based backdoor marketed for persistent OpenSSH access and…