1,800 Developers Hit in Mini Shai-Hulud Supply Chain Attack Across PyPI, NPM, and PHP
What happened A supply chain attack campaign attributed to TeamPCP, dubbed Mini Shai-Hulud, has compromised packages across the PyPI, NPM,...
attack
Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft
Ravie LakshmananMay 01, 2026Supply Chain Attack / Malware A new software supply chain attack campaign has been observed using sleeper...
PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials
Ravie LakshmananApr 30, 2026Supply Chain Attack / Malware In yet another software supply chain attack, threat actors have managed to...
SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack
Ravie LakshmananApr 29, 2026Supply Chain Attack / Malware Cybersecurity researchers are sounding the alarm about a new supply chain attack...
Introducing Proactive Hardening and Attack Surface Reduction (PHASR) for Linux and macOS
The post Introducing Proactive Hardening and Attack Surface Reduction (PHASR) for Linux and macOS appeared first on Business Insights. As...
Introducing Proactive Hardening and Attack Surface Reduction (PHASR) for Linux and macOS
The post Introducing Proactive Hardening and Attack Surface Reduction (PHASR) for Linux and macOS appeared first on Business Insights. As...
The Attack Runs Itself: What Agentic AI Fraud Actually Looks Like
The post The Attack Runs Itself: What Agentic AI Fraud Actually Looks Like appeared first on Arkose Labs. This is...
Identity Protection in the AI Era
Identity has become the primary attack surface in modern enterprises. As organizations expand across cloud platforms, SaaS ecosystems, and distributed...
GitHub Actions Supply Chain Attack: Trivy Breach & Workflow
The post GitHub Actions Supply Chain Attack: Trivy Breach & Workflow appeared first on Grip Security Blog. Since the end...
MCP Threat Modeling: Understanding the Attack Surface
The post MCP Threat Modeling: Understanding the Attack Surface appeared first on Aembit. *** This is a Security Bloggers Network...
Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps
Your attack surface no longer lives on one operating system, and neither do the campaigns targeting it. In enterprise environments, attackers move across...
$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation
Drift has revealed that the April 1, 2026, attack that led to the theft of $285 million was the culmination of a months-long...
North Korea–linked hackers drain $285M from Drift in sophisticated attack
North Korea–linked hackers drain $285M from Drift in sophisticated attack Pierluigi Paganini April 03, 2026 Drift lost $285M in a...
At RSAC 2026, AI Redefines the Future of Penetration Testing
Penetration testing is undergoing a substantial shift as AI reshapes both attack and defense strategies. At RSA Conference 2026,...
Google links Axios npm supply chain attack to North Korea-linked APT UNC1069
Google links Axios npm supply chain attack to North Korea-linked APT UNC1069 Pierluigi Paganini April 01, 2026 Google links the...
