Latest news

Hackers Weaponize Fake Claude Code Leak to Distribute Vidar Infostealer and GhostSocks Proxy Malware
Malware

28 April 2026 dark6

Threat actors are using fake GitHub repositories impersonating the leaked Anthropic Claude Code source to deliver a Rust dropper that...
Bitwarden CLI npm Package Compromised in Sophisticated GitHub Actions Supply Chain Attack
Malware

28 April 2026 dark6

Security researchers at Socket have confirmed that the official Bitwarden CLI npm package (version 2026.4.0) was tampered with via a...
GlassWorm Escalates: 73 New “Sleeper” Extensions Discovered on Open VSX Marketplace
Malware

27 April 2026 dark6

Aikido Security has identified 73 new GlassWorm "sleeper" extensions on the Open VSX marketplace, marking a dangerous escalation in a...
State-Sponsored UAT-4356 Deploys FIRESTARTER Backdoor on Cisco Firepower Devices via Chained N-Day Vulnerabilities
Malware

26 April 2026 dark6

Cisco Talos has uncovered an active espionage campaign by state-sponsored group UAT-4356, which chains two Cisco Firepower FXOS vulnerabilities (CVE-2025-20333...
Malicious npm Package js-logger-pack Turns Hugging Face Into Malware CDN and Data Exfiltration Backend
Malware

24 April 2026 dark6

JFrog Security researchers have uncovered a malicious npm package, js-logger-pack, that uses Hugging Face as both a malware delivery network...
Checkmarx KICS Docker Hub Repo Hijacked: Trojanized Images and VS Code Extensions Harvest Developer Secrets
Malware

23 April 2026 dark6

Attackers overwrote official Checkmarx KICS tags on Docker Hub and weaponized its VS Code extensions to deploy a credential stealer...
Omnistealer Malware Uses Blockchain Permanence to Host Unremovable Payloads, Compromising 300,000 Credentials
Malware

20 April 2026 dark6

A sophisticated new infostealer dubbed Omnistealer embeds its payloads directly into public blockchain transactions on TRON, Aptos, and Binance Smart...
CyberAv3ngers: Iran-Linked IRGC Hackers Target Rockwell PLCs Across U.S. Critical Infrastructure
Malware

19 April 2026 dark6

A joint CISA advisory warns that Iran-linked CyberAv3ngers (IRGC-CEC) are actively exploiting internet-exposed Rockwell Automation PLCs across U.S. water, energy,...
APT28 Deploys New PRISMEX Malware Suite Against Ukraine and NATO in Sophisticated Espionage Campaign
Malware

18 April 2026 dark6

Russia's APT28 (Fancy Bear) has launched a new campaign deploying the previously undocumented PRISMEX malware framework, which uses steganography, COM...
CERT-UA Exposes APT Malware Campaign Targeting Eastern European Governments and Municipal Hospitals
Malware

17 April 2026 dark6

Ukraine's CERT-UA has disclosed a sophisticated infostealer campaign targeting government bodies and municipal healthcare institutions across Eastern Europe. The malware...
MuddyWater-Linked APT Campaign Scanned 12,000+ Systems Before Striking Middle East Critical Infrastructure
Malware

16 April 2026 dark6

Iran-linked threat group MuddyWater is behind a sophisticated espionage campaign that scanned over 12,000 systems in the Middle East before...
Supply Chain Attack Backdoors Smart Slider 3 Pro: 800,000+ WordPress Sites at Risk
Malware

13 April 2026 dark6

Attackers compromised Nextend's update infrastructure to distribute a weaponized version of Smart Slider 3 Pro (v3.5.1.35) for approximately six hours...