Malware

4 minute read

TeamPCP Used Mini Shai-Hulud Worm to Poison Over 400 npm and PyPI Packages

Research reveals that TeamPCP hijacked OIDC tokens to poison hundreds of TanStack, Mistral AI, and UiPath packages with the self-propagating Mini Shai-Hulud worm.

byDeeba Ahmed

May 13, 2026

3 minute read

Operation HumanitarianBait Uses Fake Aid Documents to Deploy Python Spyware

Operation HumanitarianBait uses fake aid documents, GitHub-hosted payloads, and Python spyware to target Russian-speaking victims.

byDeeba Ahmed

May 12, 2026

2 minute read

Google Says Hackers Used AI to Develop a Zero-Day Exploit

Google researchers say hackers used AI to develop zero-day exploits, Android backdoors, and automated supply chain attacks targeting GitHub and PyPI.

byDeeba Ahmed

May 11, 2026

3 minute read

Hackers Trick DigiCert Into Issuing Certificates Used to Sign Malware

DigiCert revokes 60 code signing certificates after hackers used a malicious support chat attachment to sign the Zhong Stealer malware.

byDeeba Ahmed

May 10, 2026

2 minute read

Hackers Hijack JDownloader Site to Deliver Malware Through Installers

JDownloader confirms a security breach where hackers manipulated official download links to distribute malicious files between 6 and 7 May 2026.

byDeeba Ahmed

May 10, 2026

2 minute read

Fake macOS Troubleshooting Sites Used to Steal iCloud Data in ClickFix Scam

Microsoft researchers warn of a new ClickFix campaign targeting macOS with fake guides on Medium and Craft to deploy AMOS and SHub Stealer via Terminal commands.

byDeeba Ahmed

May 8, 2026

2 minute read

Hackers Use Fake Claude AI Site to Infect Users With New Beagle Malware

Researchers have discovered a new malvertising campaign using a fake Claude AI website to plant a new, undocumented backdoor named Beagle on user devices.

byDeeba Ahmed

May 7, 2026

Why Outdated Maintenance Software Is a Growing Ransomware Risk

7 minute read

Security

Why Outdated Maintenance Software Is a Growing Ransomware Risk

Outdated maintenance software increases ransomware risk by exposing weak access controls, unpatched systems, and critical operational data to attackers.

byUzair Amir

May 7, 2026

2 minute read

FEMITBOT Network Abuses Telegram Mini Apps for Crypto Scams and Android Malware

A massive fraud network called FEMITBOT uses Telegram Mini Apps and fake brand names like Apple, Disney, and…

byDeeba Ahmed

May 5, 2026

2 minute read

45,000 Attacks, 5,300+ Backdoors Tied to China-Linked Cybercrime Operation

SOCRadar researchers have uncovered a massive Chinese cybercrime operation using the OpenClaw and Paperclip systems to automate global attacks.

byDeeba Ahmed

May 1, 2026

The Latest

TeamPCP Used Mini Shai-Hulud Worm to Poison Over 400 npm and PyPI Packages

Slovakian Admin of Dark Web Kingdom Market Jailed for 16 Years in US

Why Canadian Telecom Providers Are Prime Targets for Cyberattacks

Canvas Hackers ShinyHunters Say Their Official Domain Was Suspended

Malware

TeamPCP Used Mini Shai-Hulud Worm to Poison Over 400 npm and PyPI Packages

Operation HumanitarianBait Uses Fake Aid Documents to Deploy Python Spyware

Google Says Hackers Used AI to Develop a Zero-Day Exploit

Hackers Trick DigiCert Into Issuing Certificates Used to Sign Malware

Hackers Hijack JDownloader Site to Deliver Malware Through Installers

Fake macOS Troubleshooting Sites Used to Steal iCloud Data in ClickFix Scam

Hackers Use Fake Claude AI Site to Infect Users With New Beagle Malware

Why Outdated Maintenance Software Is a Growing Ransomware Risk

FEMITBOT Network Abuses Telegram Mini Apps for Crypto Scams and Android Malware

45,000 Attacks, 5,300+ Backdoors Tied to China-Linked Cybercrime Operation

Lyrie.ai Joins First Batch of Anthropic’s Cyber Verification Program

LuxSci Launches Enterprise-Grade HIPAA-Compliant Email Security for Mid-Sized Healthcare Organizations

Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations

Brinker Introduces a Novel Approach to Deepfake Detection

BreachLock Named Representative Vendor in the 2026 Gartner Market Guide for Adversarial Exposure Validation