MAL-2026-3979 Malicious code in @antv/g2-ssr (npm)
Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...
APT attacks: Exploring Advanced Persistent Threats and their evasive techniques
Cyber criminals come in all shapes and sizes. On one end of the spectrum, there's the script kiddie or inexperienced ransomware gang looking to make a quick buck. On the other end are state-sponsored groups using far more sophisticated tactics--often with long-term, strategic goals in mind. Advanc...
Arid Viper Hacking Group Using Upgraded Malware in Middle East Cyber Attacks
The threat actor known as Arid Viper has been observed using refreshed variants of its malware toolkit in its attacks targeting Palestinian entities since September 2022. Symantec, which is tracking the group under its insect-themed moniker Mantis, said the adversary is "going to great lengths to...
Gen. Nakasone on US Cyber Command
Really interesting article by and interview with Paul M. Nakasone (Commander of US Cyber Command, Director of the National Security Agency, and Chief of the Central Security Service) in the current issue of Joint Forces Quarterly. He talks about the evolving role of US Cyber Command, and its new...
FAKEM RAT Mimics Normal Network Traffic
A family of remote access Trojans (RATs) known as FAKEM has been evading detection for more than three years by camouflaging themselves as legitimate network traffic. Nate Villeneuve, a senior threat researcher at Trend Micro, said that remote access Trojans are a favorite among attackers seeking t...