Packagist Postinstall Malware: What Developers Should Check
A Packagist and GitHub supply-chain campaign used malicious postinstall hooks to fetch…
Laravel-Lang Composer Packages Rewritten to Steal CI Secrets
Laravel-Lang Composer packages were compromised through rewritten tags that run a PHP…
Ghostwriter Uses Prometheus Lures to Drop OYSTERFRESH Malware
CERT-UA says Ghostwriter used compromised accounts and fake Prometheus certificate lures to…
Nimbus Manticore Uses Fake Installers to Drop MiniFast Backdoor
Check Point says Nimbus Manticore used SEO poisoning, fake software lures, and…
Microsoft Defender CVE-2026-41091 and CVE-2026-45498 Exploited
Microsoft says two Defender flaws have been exploited. CISA added both to…
GitHub Internal Repos Exposed Through Poisoned VS Code Extension
GitHub says an employee device was compromised through a poisoned VS Code…
Fox Tempest Signed Malware Service: Why Valid Signatures Are Not Enough
Microsoft says Fox Tempest operated a malware-signing service. Learn why signed malware…
Shai-Hulud AntV npm Supply-Chain Wave: What Developers Should Check
Shai-Hulud returned in an AntV npm supply-chain wave affecting hundreds of packages.…
Operation Ramz Cuts Phishing and Malware Servers in MENA
INTERPOL says Operation Ramz led to 201 arrests and the seizure of…
SHub macOS Stealer Uses Fake Login Lures to Harvest Data
SentinelOne says SHub Reaper uses fake macOS security and login prompts to…
FrostyNeighbor Targets Ukraine With PDF Lures and PicassoLoader
ESET says FrostyNeighbor is using fake Ukrtelecom-themed PDF lures, Ukrainian geofencing, JavaScript…
Microsoft Details Kazuar Botnet Used by Secret Blizzard
Microsoft published a technical analysis of Kazuar, a modular Secret Blizzard botnet…
