Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages
Ravie LakshmananMar 21, 2026Malware / Threat Intelligence The threat actors behind the supply chain attack targeting the popular Trivy scanner...
actors
EU sanctions Chinese and Iranian actors over cyberattacks on critical infrastructure
EU sanctions Chinese and Iranian actors over cyberattacks on critical infrastructure Pierluigi Paganini March 17, 2026 EU sanctions Chinese and...
Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware
Ravie LakshmananMar 17, 2026Threat Intelligence / Endpoint Security North Korean threat actors have been observed sending phishing to compromise targets...
Web Shells, Tunnels, and Ransomware: Dissecting a Warlock Attack
Following initial access, the threat actors conducted extensive lateral movement using a combination of legitimate administration tools and credential abuse....
DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage
Ukrainian entities have emerged as the target of a new campaign likely orchestrated by threat actors linked to Russia, according...
Initial access techniques used by Iran-based threat actors
Iranian‑linked threat groups often use a core set of initial access methods. The threat actors favor cost-effective, repeatable intrusion techniques...
Fake Claude Code Spreads Malware to Windows, macOS Users
Image: Rawpixel/Envato Threat actors are exploiting a common developer habit — copying installation commands directly from websites — to distribute...
Threat actors use custom AuraInspector to harvest data from Salesforce systems
Threat actors use custom AuraInspector to harvest data from Salesforce systems Pierluigi Paganini March 10, 2026 Attackers are mass-scanning Salesforce...
Latest OpenClaw Security Risks are Fake GitHub Repositories Used to Deploy Infostealers
The highly popular and risk-riddled OpenClaw personal AI assistant is being used by bad actors to target users with...
Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations
Threat hunters have called attention to a new campaign as part of which bad actors masqueraded as fake IT support...
This month in security with Tony Anscombe – February 2026 edition
In this roundup, Tony looks at how opportunistic threat actors are taking advantage of weak authentication, unmanaged exposure, and popular...
Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms
Ravie LakshmananFeb 27, 2026Endpoint Security / Windows Security Threat actors are luring unsuspecting users into running trojanized gaming utilities that...
RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN
A vulnerability in GitHub Codespaces could have been exploited by bad actors to seize control of repositories by injecting malicious...
BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration
Ravie LakshmananFeb 20, 2026Vulnerability / Cyber Attack Threat actors have been observed exploiting a recently disclosed critical security flaw impacting...
Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations
Ravie LakshmananFeb 13, 2026Malware / Critical Infrastructure Several state-sponsored actors, hacktivist entities, and criminal groups from China, Iran, North Korea,...
