Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer
î „Ravie Lakshmananî ‚May 23, 2026Supply Chain Attack / Malware Cybersecurity researchers have flagged a fresh software supply chain attack campaign that...
Malware Cybersecurity
SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack
î „Ravie Lakshmananî ‚Apr 29, 2026Supply Chain Attack / Malware Cybersecurity researchers are sounding the alarm about a new supply chain attack...
Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles
î „Ravie Lakshmananî ‚Apr 22, 2026Cyber Espionage / Malware Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE...
Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks
î „Ravie Lakshmananî ‚Mar 12, 2026Artificial Intelligence / Malware Cybersecurity researchers have disclosed details of a suspected artificial intelligence (AI)-generated malware codenamed...
North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT
î „Ravie Lakshmananî ‚Mar 02, 2026Supply Chain Attack / Malware Cybersecurity researchers have disclosed a new iteration of the ongoing Contagious Interview...
Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware
î „Ravie Lakshmananî ‚Feb 25, 2026Cybersecurity / Malware Cybersecurity researchers have discovered four malicious NuGet packages that are designed to target ASP.NET...
Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm
î „Ravie Lakshmananî ‚Feb 02, 2026Developer Tools / Malware Cybersecurity researchers have disclosed details of a supply chain attack targeting the Open...
Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan
î „Ravie Lakshmananî ‚Jan 28, 2026Supply Chain Security / Malware Cybersecurity researchers have discovered two malicious packages in the Python Package Index...
China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023
î „Ravie Lakshmananî ‚Jan 27, 2026Web Security / Malware Cybersecurity researchers have discovered a JScript-based command-and-control (C2) framework called PeckBirdy that has...
Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware
î „Ravie Lakshmananî ‚Jan 26, 2026Cyber Espionage / Malware Cybersecurity researchers have discovered an ongoing campaign that's targeting Indian users with a...