New Ghost Campaign Uses Fake npm Progress Bars to Phish Sudo Passwords
ReversingLabs researchers identify a new Ghost campaign using fake npm install logs and progress bars to phish for sudo passwords and steal crypto wallets from developers.
Quish Splash QR Code Phishing Campaign Hits 1.6 Million Users
7AI research reveals a massive QR code phishing attack that evaded SPF, DKIM, and DMARC. Find out how 1.6 million emails went undetected.
New PXA Stealer Malware Targets Banks, Uses Telegram to Exfiltrate Data
CyberProof researchers have detected a 10% surge in PXA Stealer attacks targeting financial institutions in Q1 2026. Learn…
Acalvio ShadowPlex Review: Deception-Based Preemptive Cybersecurity
This practitioner-focused review covers Acalvio ShadowPlex, a deception-first platform designed to stop attacker progress across IT, cloud, OT,…
Suspected Hijacked Developer Accounts Spread npm Malware
Sonatype uncovers a sophisticated malware campaign using hijacked npm developer accounts to steal API keys and passwords. Is your dev environment at risk?
Mirai Malware Evolves into Hundreds of Variants Driving Botnet Growth
Mirai malware evolves into hundreds of variants, driving botnet growth, including Aisuru and KimWolf, powering large-scale attacks, and increasing risks to vulnerable IoT devices worldwide.
US Bans New Foreign-Made Home Routers Over National Security Fears
The FCC has officially added foreign-made consumer routers to its restricted Covered List, citing major cybersecurity risks. Find out what it means for your current devices.
Fake OpenClaw Token Giveaway Targets GitHub Devs with Wallet-Draining Scam
OX Security reveals a new phishing campaign targeting GitHub developers. Scammers use fake OpenClaw token giveaways to trick users into connecting and draining their crypto wallets
TeamPCP Hits Trivy, Checkmarx, and LiteLLM in Credential Theft Campaign
Hackers compromised Trivy, Checkmarx, and LiteLLM in a supply chain attack, stealing cloud credentials, tokens, and crypto wallet data from developers.
OVHcloud Founder Denies Massive 590TB Data Breach Claims
OVHcloud denies breach after hacker claims 600TB data theft affecting millions of sites, with experts doubting authenticity due to weak proof