ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories

You scroll past one incident and see another that feels familiar, like it should have been fixed years ago, but it still works with small changes. Same bugs. Same mistakes. The supply chain is messy. Packages you did not check are stealing data, adding backdoors, and spreading. Attacking the...

PT-2026-25063

Massive March 2026 ransomware campaign hits 500+ critical infrastructure orgs, exploiting CVE-2025-6789 in widely used software, demanding over $10M in ransoms. Emergency patches issued. Ransomware https://t.co/2B8WOmFI22...

LummaC2 Infects North Korean Hacker Device Linked to Bybit Heist

LummaC2 infostealer infects North Korean hacker’s device, exposing ties to $1.4B Bybit heist and revealing tools, infrastructure and OPSEC failures...

ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More

Cyber threats are evolving faster than ever. Attackers now combine social engineering, AI-driven manipulation, and cloud exploitation to breach targets once considered secure. From communication platforms to connected devices, every system that enhances convenience also expands the attack surface...

EUVD-2016-8021

Malware in sbrugna...

EUVD-2016-8020

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2016-7153

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote...

Linux Distros Unpatched Vulnerability : CVE-2016-7152

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote...

Malicious code in @malware-test-cagot-heist-ended-total/test-mlw3-cagot-heist-ended-total (npm)

The package @malware-test-cagot-heist-ended-total/test-mlw3-cagot-heist-ended-total was found to contain malicious code...

MAL-2025-35505 Malicious code in test-mlw2-heist-briny (npm)

The package test-mlw2-heist-briny was found to contain malicious code...

MAL-2025-8536 Malicious code in @malware-test-cagot-heist-ended-total/test-mlw3-cagot-heist-ended-total (npm)

The package @malware-test-cagot-heist-ended-total/test-mlw3-cagot-heist-ended-total was found to contain malicious code...

Malicious code in test-mlw2-heist-briny (npm)

The package test-mlw2-heist-briny was found to contain malicious code...

Iran's State TV Hijacked Mid-Broadcast Amid Geopolitical Tensions; $90M Stolen in Crypto Heist

Iran's state-owned TV broadcaster was hacked Wednesday night to interrupt regular programming and air videos calling for street protests against the Iranian government, according to multiple reports. It's currently not known who is behind the attack, although Iran pointed fingers at Israel, per...

aws-ork (>=0.4.3 <=0.4.5), elita (=0.59.3) +84 more potentially affected by CVE-2024-38825 via salt (=3007.14.0)

salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - aws-ork =0.4.3, =1.0.0, =2019.12.0, =2019.1.30a2, =2.6.2.dev0, =24.3.12.0rc1, =0.1.0rc1, =0.0.1, =0.0.1, =2022.2.0, =1.2.3, =1.3.0 and more Source...

aws-ork (>=0.4.3 <=0.4.5), elita (=0.59.3) +84 more potentially affected by CVE-2024-38822 via salt (=3007.14.0)

salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - aws-ork =0.4.3, =1.0.0, =2019.12.0, =2019.1.30a2, =2.6.2.dev0, =24.3.12.0rc1, =0.1.0rc1, =0.0.1, =0.0.1, =2022.2.0, =1.2.3, =1.3.0 and more Source...

aws-ork (>=0.4.3 <=0.4.5), elita (=0.59.3) +84 more potentially affected by CVE-2024-38825 via salt (=3007.14.0)

salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - aws-ork =0.4.3, =1.0.0, =2019.12.0, =2019.1.30a2, =2.6.2.dev0, =24.3.12.0rc1, =0.1.0rc1, =0.0.1, =0.0.1, =2022.2.0, =1.2.3, =1.3.0 and more Source...

aws-ork (>=0.4.3 <=0.4.5), elita (=0.59.3) +84 more potentially affected by CVE-2025-22240 via salt (=3007.14.0)

salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - aws-ork =0.4.3, =1.0.0, =2019.12.0, =2019.1.30a2, =2.6.2.dev0, =24.3.12.0rc1, =0.1.0rc1, =0.0.1, =0.0.1, =2022.2.0, =1.2.3, =1.3.0 and more Source...

Coinbase Will Reimburse Customers Up to $400 Million After Data Breach

Plus: 12 more people are indicted over a $263 million crypto heist, and a former FBI director is accused of threatening Donald Trump thanks to an Instagram post of seashells...

TraderTraitor: The Kings of the Crypto Heist

Allegedly responsible for the theft of $1.5 billion in cryptocurrency from a single exchange, North Korea’s TraderTraitor is one of the most sophisticated cybercrime groups in the world...

Crypto Heist Suspect “Wiz” Arrested After $243 Million Theft

Veer Chetal, known online as "Wiz" and one of the key suspects in the massive $243 million cryptocurrency heist, has been apprehended by U.S. Marshals...