Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha
Microsoft Defender is incorrectly flagging legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha. The false-positive detection trigger…
TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack
TeamPCP compromised multiple npm packages used in SAP's cloud application development environment. The attack group deployed malware dubbed "Mini Shai…
Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft
A threat actor operating under the GitHub account "BufferZoneCorp" deployed poisoned Ruby gems and Go modules targeting software development pipelines…
PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials
Threat actors compromised PyTorch Lightning on PyPI, publishing malicious versions 2.6.2 and 2.6.3 on April 30, 2026. The poisoned packages targeted c…
New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials
Researchers disclosed DEEP#DOOR, a Python backdoor framework that establishes persistent access and harvests credentials from compromised systems. The…
‘CanisterWorm’ Springs Wiper Attack Targeting Iran
A financially motivated extortion group deployed CanisterWorm, wiper malware targeting systems configured for Iran's time zone or using Fa…
Feds Disrupt IoT Botnets Behind Huge DDoS Attacks
U.S., Canadian, and German authorities dismantled infrastructure supporting four botnets that enslaved over three million compromised IoT devices. The…
Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker
An Iran-linked hacktivist group executed a wiper attack against Stryker Corporation, a Michigan-based medical device manufacturer. The attack forced S…
Fake Reservation Links Prey on Weary Travelers
Threat actors distribute fake travel reservation confirmation links targeting airline and hotel booking platforms. The attack vector exploits traveler…
TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack
TeamPCP compromised multiple npm packages within SAP's cloud application development ecosystem. The attack, dubbed "Mini Shai-Hulud," represents an ex…
Watering Hole Attacks Push ScanBox Keylogger
APT TA423 conducted watering hole attacks to deploy ScanBox, a JavaScript-based reconnaissance tool. Researchers identified the campaign targeting vic…
Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft
The GitHub account "BufferZoneCorp" deployed poisoned Ruby gems and Go modules to compromise CI/CD pipelines. The attack used sleeper packages that re…
TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack
TeamPCP compromised multiple npm packages within SAP's cloud application development ecosystem, expanding the threat actor's supply chain attack campa…
Watering Hole Attacks Push ScanBox Keylogger
APT TA423 conducted watering hole attacks to distribute ScanBox, a JavaScript-based reconnaissance tool. Researchers identified the campaign targeting…
Vidar Rises to Top of Chaotic Infostealer Market
Vidar infostealer now dominates the threat landscape following law enforcement disruptions of competing malware families. The FBI and international pa…
Who is the Kimwolf Botmaster “Dort”?
A security researcher's disclosure of a vulnerability in January 2026 exposed Kimwolf, a massive botnet subsequently weaponized by an operator using t…
SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack
Multiple security firms detected a supply chain attack targeting SAP-related npm packages. The campaign, attributed to a group calling itself mini Sha…
Lotus Wiper Attack Targets Venezuelan Energy Firms, Utilities
A destructive malware campaign targets Venezuelan energy utilities with a wiper variant called…