Latest news

Bitwarden CLI npm Package Compromised in Sophisticated GitHub Actions Supply Chain Attack
Malware

Bitwarden CLI npm Package Compromised in Sophisticated GitHub Actions Supply Chain Attack

28 April 2026 dark6

Security researchers at Socket have confirmed that the official Bitwarden CLI npm package (version 2026.4.0) was tampered with via a...
Read more 0
GlassWorm Escalates: 73 New “Sleeper” Extensions Discovered on Open VSX Marketplace
Malware

GlassWorm Escalates: 73 New “Sleeper” Extensions Discovered on Open VSX Marketplace

27 April 2026 dark6

Aikido Security has identified 73 new GlassWorm "sleeper" extensions on the Open VSX marketplace, marking a dangerous escalation in a...
Read more 0
Malicious npm Package js-logger-pack Turns Hugging Face Into Malware CDN and Data Exfiltration Backend
Malware

Malicious npm Package js-logger-pack Turns Hugging Face Into Malware CDN and Data Exfiltration Backend

24 April 2026 dark6

JFrog Security researchers have uncovered a malicious npm package, js-logger-pack, that uses Hugging Face as both a malware delivery network...
Read more 0
Checkmarx KICS Docker Hub Repo Hijacked: Trojanized Images and VS Code Extensions Harvest Developer Secrets
Malware

Checkmarx KICS Docker Hub Repo Hijacked: Trojanized Images and VS Code Extensions Harvest Developer Secrets

23 April 2026 dark6

Attackers overwrote official Checkmarx KICS tags on Docker Hub and weaponized its VS Code extensions to deploy a credential stealer...
Read more 0
Vercel Confirms OAuth Supply Chain Breach Linked to Context.ai Compromise; ShinyHunters Claims Responsibility
Databreach

Vercel Confirms OAuth Supply Chain Breach Linked to Context.ai Compromise; ShinyHunters Claims Responsibility

23 April 2026 dark6

Vercel has disclosed an internal breach caused by a compromised Context.ai OAuth token harvested via Lumma Stealer. A limited set...
Read more 0
ShinyHunters Breaches Rockstar Games via Supply Chain Attack: 80 Million Records Ransomed, Data Leaked After Deadline
Ransomware

ShinyHunters Breaches Rockstar Games via Supply Chain Attack: 80 Million Records Ransomed, Data Leaked After Deadline

19 April 2026 dark6

ShinyHunters compromised Rockstar Games through a supply chain attack on third-party analytics provider Anodot, stealing 80 million records from Snowflake...
Read more 0
Fake Ledger Live App on Apple’s Mac App Store Steals $9.5 Million in Crypto from 50+ Victims
Cybercrime

Fake Ledger Live App on Apple’s Mac App Store Steals $9.5 Million in Crypto from 50+ Victims

16 April 2026 dark6

A counterfeit Ledger Live app remained live on Apple's Mac App Store for two weeks, tricking users into entering their...
Read more 0
ShinyHunters Breaches Rockstar Games via Third-Party Vendor, Threatens to Leak GTA VI Contracts
Databreach

ShinyHunters Breaches Rockstar Games via Third-Party Vendor, Threatens to Leak GTA VI Contracts

15 April 2026 dark6

ShinyHunters has breached Rockstar Games by exploiting authentication tokens from third-party analytics vendor Anodot to access Snowflake data warehouses. The...
Read more 0
Stryker Corporation Discloses Material Cybersecurity Incident Disrupting Global Manufacturing Operations
Databreach

Stryker Corporation Discloses Material Cybersecurity Incident Disrupting Global Manufacturing Operations

10 April 2026 dark6

Stryker Corporation has disclosed a material cybersecurity incident that disrupted its global manufacturing, commercial, ordering, and distribution systems in March...
Read more 0