TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign

Proofpoint has disclosed details of a targeted email campaign in which threat actors with ties to Russia are leveraging the recently disclosed DarkSword exploit kit to target iOS devices. The activity has been attributed with high confidence to the Russian state-sponsored threat group known as...

EUVD-2025-179862

Malicious code in castor-callisto-miranda-quasar npm...

EUVD-2025-179893

Malicious code in callisto-hyperion-dactyl-equinox npm...

EUVD-2025-177843

Malicious code in middleware-exec-callisto-postcss-loader npm...

EUVD-2025-177694

Malicious code in nconf-aurora-ionosphere-callisto npm...

MAL-2025-186020 Malicious code in castor-callisto-miranda-quasar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 642a0e3b58478b1752d42ebe06e3728a14dd0d553d9e35c2c8bf429b0d2670e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-177445

Malicious code in ophiuchus-callisto-semantic-ui-lynx npm...

EUVD-2025-179809

Malicious code in ceres-petrology-callisto-shelljs npm...

EUVD-2025-179890

Malicious code in callisto-module-module-antares npm...

EUVD-2025-179891

Malicious code in callisto-meissa-centaurus-sync npm...

EUVD-2025-179896

Malicious code in callisto-enif-cryonics-dotenv-parse-variables npm...

EUVD-2025-179894

Malicious code in callisto-europa-relay-bootes npm...

EUVD-2025-177740

Malicious code in mui-norma-callisto-terser-webpack-plugin npm...

MAL-2025-186073 Malicious code in ceres-petrology-callisto-shelljs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ef236e8eb1b727325a3aa33594675cd45f7056b4eeb66de2ec6f4c3717e7eb0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-175922

Malicious code in tool-callisto-betelgeuse-axios npm...

EUVD-2025-177579

Malicious code in node-config-callisto-comet-eslint-plugin npm...

EUVD-2025-178167

Malicious code in lacerta-auth0-callisto-dorado npm...

EUVD-2025-177044

Malicious code in process-callisto-superagent-quark npm...

EUVD-2025-176348

Malicious code in slides-callisto-algol-sagitta npm...

EUVD-2025-179888

Malicious code in callisto-sirius-farout-multiverse npm...