Latest news

Malicious npm Package forge-jsxy Pushes 22 Versions in 22 Days to Steal Crypto Wallets and Deploy Persistent Backdoor
Malware

29 May 2026 dark6

The npm package forge-jsxy quietly stole cryptocurrency wallet keys, browser credentials, and developer data across Windows, macOS, and Linux —...

Grandoreiro Banking Trojan Returns: Targeting Portuguese Banks and Latin American Companies With Dual Campaigns
Malware

29 May 2026 dark6

The long-running Grandoreiro banking trojan has resurfaced with two active campaigns — one using DLL Side-Loading via cloud infrastructure and...

Hackers Use Fake ChatGPT and Claude Installers to Deploy DinDoor Backdoor
Malware

29 May 2026 dark6

Cybercriminals are distributing trojanized AI application installers on GitHub and SourceForge, luring victims with fake ChatGPT and Claude desktop apps...

NightSpire Ransomware Exploits RDP and Remote Admin Tools to Hit 64 Organizations in 33 Countries
Ransomware

28 May 2026 dark6

NightSpire ransomware has hit at least 64 organizations across 33 countries by exploiting Remote Desktop Protocol access and installing legitimate...

Seedworm (MuddyWater) APT Abuses Signed Security Binaries in Global Espionage Campaign Across 9 Countries
Cybercrime

28 May 2026 dark6

Iran-linked Seedworm (MuddyWater) APT has been caught running a broad espionage campaign against at least 9 organizations across 9 countries...

Tycoon 2FA Phishing Kit Bypasses MFA at Scale — 62% of Microsoft 365 Phishing Attempts Linked to Single Threat Actor
Phishing

28 May 2026 dark6

The Tycoon 2FA phishing-as-a-service kit, operated by threat actor Storm-1747, is bypassing multi-factor authentication on Microsoft 365 and Google Workspace...

BadHost (CVE-2026-48710): Critical Authentication Bypass Threatens Thousands of AI Agent Applications
Vulnerability

28 May 2026 dark6

A newly disclosed critical vulnerability dubbed 'BadHost' (CVE-2026-48710) enables attackers to bypass authentication in FastAPI and Starlette-based AI applications through...

Fox Tempest: Microsoft DCU Dismantles Malware-Signing-as-a-Service That Forged Trusted Certificates for Ransomware Groups
Cybercrime

27 May 2026 dark6

Microsoft's Digital Crimes Unit has disrupted Fox Tempest, a criminal malware-signing-as-a-service operation that abused Microsoft's Artifact Signing infrastructure to issue...

Grafana GitHub Breach: TanStack npm Supply Chain Attack Leads to Source Code Theft and Ransom Demand
Databreach

27 May 2026 dark6

Grafana Labs has confirmed a ransomware-linked breach of its GitHub environment traced to the TanStack npm supply chain compromise. Attackers...

Void Botnet Routes Commands Through Ethereum Smart Contracts to Evade Law Enforcement Takedowns
Malware

27 May 2026 dark6

A new Rust-based botnet sold on cybercrime forums uses Ethereum smart contracts as its command-and-control channel, making traditional infrastructure takedowns...

TeamPCP Poisons Microsoft’s Official Python DurableTask SDK — Multi-Cloud Credential Worm Hits PyPI
Cybercrime

27 May 2026 dark6

The TeamPCP threat group has compromised three consecutive versions of Microsoft's official Python DurableTask SDK on PyPI, injecting a worm-like...

Russian Hacker Builds Persistent Gemini Jailbreak to Power Influence Campaign, Credential Theft, and Crypto Wallet Draining
Cybercrime

26 May 2026 dark6

A Russian-speaking threat actor tracked as "bandcampro" has been exposed using a persistently jailbroken Google Gemini CLI to power a...