Malicious code in autotel-plugins (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...

MAL-2026-5252 Malicious code in executable-stories-formatters (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...

MAL-2026-5264 Malicious code in node-env-resolver-dotenvx (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...

Operation-Molasses

🍯 OPERATION MOLASSES PEKMEZ Zencefil Efendi's Cyber Dow...

What Anthropic’s Mythos Means for the Future of Cybersecurity

Two weeks ago, Anthropic announced that its new model, Claude Mythos Preview, can autonomously find and weaponize software vulnerabilities, turning them into working exploits without expert guidance. These were vulnerabilities in key software like operating systems and internet infrastructure tha...

MAL-2026-2827 Malicious code in js-logger-pack (npm)

js-logger-pack is a fake npm logger that the attacker developed openly on the registry over 23 versions across two weeks 2026-04-01 to 2026-04-15. Version 1.1.20, published hours after initial detection, is a re-obfuscation of the same payload with a new hash — same C2, same capabilities. Early...

CVE-2021-28671

Xerox Phaser 6510 before 64.65.51 and 64.59.11 Bridge, WorkCentre 6515 before 65.65.51 and 65.59.11 Bridge, VersaLink B400 before 37.65.51 and 37.59.01 Bridge, B405 before 38.65.51 and 38.59.01 Bridge, B600/B610 before 32.65.51 and 32.59.01 Bridge, B605/B615 before 33.65.51 and 33.59.01 Bridge,...

Weaponized AI Assistants & Credential Thieves

Learn the state of AI and the NPM ecosystem with the recent s1ngularity' weaponized AI for credential theft...

MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers

Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that's targeting supply chain-critical manufacturing companies with an in-memory malware dubbed MixShell. The activity has been codenamed ZipLine by Check Point Research. "Instead of sending unsolicited...

Transparent Tribe Targets Indian Govt With Weaponized Desktop Shortcuts via Phishing

The advanced persistent threat APT actor known as Transparent Tribe has been observed targeting both Windows and BOSS Bharat Operating System Solutions Linux systems with malicious Desktop shortcut files in attacks targeting Indian Government entities. "Initial access is achieved through...

Exploit for CVE-2019-1322

COMahawk Privilege Escalation: Weaponizing CVE-2019-1405 and CVE-2019-1322 Video Demo https://vimeo.com/373051209 Usage Compile or Download from Release https://github.com/apt69/COMahawk/releases 1. Run COMahawk.exe 2. ??? 3. Hopefully profit or 1. COMahawk.exe "custom command to run" ie...

Russia-Linked Hackers Target Tajikistan Government with Weaponized Word Documents

The Russia-aligned threat actor known as TAG-110 has been observed conducting a spear-phishing campaign targeting Tajikistan using macro-enabled Word templates as an initial payload. The attack chain is a departure from the threat actor's previously documented use of an HTML Application .HTA load...

CVE-2021-28673

Xerox Phaser 6510 before 64.61.23 and 64.59.11 Bridge, WorkCentre 6515 before 65.61.23 and 65.59.11 Bridge, VersaLink B400 before 37.61.23 and 37.59.01 Bridge, B405 before 38.61.23 and 38.59.01 Bridge, B600/B610 before 32.61.23 and 32.59.01 Bridge, B605/B615 before 33.61.23 and 33.59.01 Bridge,...

The Rise of the Drone Boats

Swarms of weaponized unmanned surface vessels have proven formidable weapons in the Black and Red Seas. Can the US military learn the right lessons from it?...

CVE-2024-29019

ESPHome is a system to control microcontrollers remotely through Home Automation systems. API endpoints in dashboard component of ESPHome version 2023.12.9 command line installation are vulnerable to Cross-Site Request Forgery CSRF allowing remote attackers to carry out attacks against a logged...

Russian UAC-0063 Targets Europe and Central Asia with Advanced Malware

UAC-0063: A Russian-linked threat actor targeting Central Asia and Europe with sophisticated cyberespionage campaigns, including weaponized documents, data…...

Intel Officials Warned Police That US Cities Aren’t Ready for Hostile Drones

In a previously unreported August memo, the Department of Homeland Security urged state and local police to conduct exercises to test their ability to respond to weaponized drones...

Your Phone Won’t Be the Next Exploding Pager

Thousands of beepers and two-way radios exploded in attacks against Hezbollah, but mainstream consumer devices like smartphones aren’t likely to be weaponized the same way...

2024 Midyear Threat Landscape Review

As we navigate the complexities of 2024, its crucial to pause and reflect on the evolving threat landscape that surrounds us. This moment offers a unique opportunity to scrutinize our triumphs and missteps, understand the events that have decisively shaped our environment, and consider those that...

Malicious code in ebell (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e8e763e9a652876b90896b11102319e43569b39d2be23d4170446ded6a619b1f --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2024-07-weaponized-golden Reasons based on the campaign: -...