Shai Hulud attack ships signed malicious TanStack, Mistral npm packages
Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering credential-stealing malware targeting developers. [...]
Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering credential-stealing malware targeting developers. [...]
Hundreds of npm packages infected by the self-propagating, credential-stealing worm from TeamPCP are related to the open source TanStack ecosystem.
O Google identificou o que considera um marco preocupante na evolução das ameaças digitais: um grupo criminoso teria usado inteligência artificial para descobrir uma vulnerabilidade desconhecida e desenvolver uma exploração contra uma ferramenta amplamente usada de administração …
Sete em cada dez brasileiros foram vítimas de golpe digital nos últimos 12 meses. O dado é do relatório "Estado dos Golpes no Brasil 2025", da Global Anti-Scam Alliance (GASA), que também aponta uma média de 252 tentativas de fraude por pessoa ao longo do ano. É nesse cenário que…
TeamPCP, the threat actor behind the recent supply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a fresh Mini Shai-Hulud campaign. The affected npm packages have been …
American educational technology company Instructure, the parent company of Canvas, said it reached an "agreement" with a decentralized cybercrime extortion group after it breached its network and threatened to leak stolen information from thousands of schools and universities. In…
Production-version patches are coming online and should be installed pronto.
Checkmarx warned over the weekend that a rogue version of its Jenkins Application Security Testing (AST) plugin had been published on the Jenkins Marketplace. [...]
A security researcher has released a proof-of-concept tool named GhostLock that demonstrates how a legitimate Windows file API can be abused in attacks to block access to files stored locally or on SMB network shares. [...]
Google researchers say hackers used AI to develop zero-day exploits, Android backdoors, and automated supply chain attacks targeting GitHub and PyPI.
O provedor de governança e gerenciamento de identidades SailPoint detectou, em 20 de abril de 2026, um acesso não autorizado a um subconjunto de seus repositórios GitHub. Em comunicado enviado ontem à Comissão de Valores Mobiliários dos EUA (SEC), a empresa afirmou que sua equipe…
Security controls can do only so much. Here are four attacks where your employees are usually your first, and only, line of cyber defense.
O Google Threat Intelligence Group (GTIG) publicou ontem um relatório documentando, pela primeira vez, um ator de ameaças usando um exploit contra um zero-day desenvolvido com inteligência artificial. O cibercriminoso, segundo relatório do GTIG, planejava usá-la em um evento de e…
Um site falso do Claude, IA da Anthropic, está sendo usado para entregar a backdoor Beagle, de Windows, que estabelece persistência no sistema e consegue executar códigos e roubar dados. A descoberta foi da Malwarebytes, mas uma pesquisa mais aprofundada foi publicada pela empres…
Checkmarx has confirmed that a modified version of the Jenkins AST plugin was published to the Jenkins Marketplace. "If you are using Checkmarx Jenkins AST plugin, you need to ensure that you are using the version 2.0.13-829.vc72453fa_1c16 that was published on December 17, 2025 …
A threat actor named Mr_Rot13 has been attributed to the exploitation of a recently disclosed critical cPanel flaw to deploy a backdoor codenamed Filemanager on compromised environments. The attack exploits CVE-2026-41940, a vulnerability impacting cPanel and WebHost Manager (WHM…
Google on Monday disclosed that it identified an unknown threat actor using a zero-day exploit that it said was likely developed with an artificial intelligence (AI) system, marking the first time the technology has been put to use in the wild in a malicious context for vulnerabi…
Education technology giant Instructure has confirmed that a security vulnerability allowed hackers to modify Canvas login portals and leave an extortion message. [...]
The privilege escalation vulnerability, which is similar to other Linux flaws like Copy Fail and Dirty Pipe, may already be under limited exploitation.
Romanian national Gavril Sandu faces up to 30 years in a US prison after extradition over a VOIP vishing and fake debit card fraud scheme.