Latest news

Shai-Hulud Malware Expands to npm Ecosystem, Stealing Cloud and CI/CD Credentials From Developers
Malware

26 June 2026 dark6

A credential-stealing malware campaign known as Shai-Hulud has expanded to target developers using the Leo/RStreams npm package ecosystem, harvesting GitHub...
Klue Supply Chain Hack Exposes Salesforce Data at Nine Cybersecurity Companies
Databreach

23 June 2026 dark6

A supply chain attack on market intelligence platform Klue has compromised Salesforce CRM data across at least nine organizations, including...
Supply Chain Attack Compromises 140+ Mastra npm Packages, Targeting Developer Credentials and Crypto Wallets
Malware

18 June 2026 dark6

A sophisticated supply chain attack has compromised over 141 packages in the Mastra-AI npm ecosystem, including @mastra/core which sees 918,000...
OceanLotus APT (APT32) Compromises FireAnt MetaKit in Targeted Supply-Chain Attack on Vietnamese Stock Investors
Cybercrime

12 June 2026 dark6

The Vietnamese state-aligned threat group OceanLotus (APT32) hijacked the update server of popular investment software FireAnt MetaKit to deliver the...
Critical npm Supply Chain Attack: Malicious ‘dbmux’ Package Gives Hackers Full System Control
Malware

11 June 2026 dark6

A malicious npm package named dbmux was discovered containing malware that gives attackers complete control over any developer system that...
Hackers Can Hijack Claude Code MCP Traffic to Steal OAuth Tokens — No Patch Coming
Cybercrime

8 June 2026 dark6

Researchers at Mitiga Labs demonstrated a five-step npm supply chain attack that rewrites ~/.claude.json to redirect Claude Code MCP traffic...
Critical Supply Chain Attack: 31 Red Hat Cloud Services npm Packages Backdoored to Steal Cloud and Dev Credentials
Cybercrime

2 June 2026 dark6

A sophisticated supply chain attack dubbed "Miasma: The Spreading Blight" has backdoored over 30 official @redhat-cloud-services npm packages, deploying credential-stealing...
Attackers Exploit Docker and Kubernetes Misconfigurations to Escape Containers and Seize Host Control
Vulnerability

2 June 2026 dark6

Security researchers have documented a wave of attacks exploiting Docker and Kubernetes misconfigurations to break out of containers and take...
Massive Supply Chain Attack: Poisoned VS Code Extension and “Megalodon” Campaign Steal Credentials from Millions of Developers
Cybercrime

1 June 2026 dark6

Two coordinated supply chain attacks poisoned the Nx Console VS Code extension (2.2M installs) and backdoored 5,561 GitHub repositories simultaneously,...
Malicious npm Package forge-jsxy Pushes 22 Versions in 22 Days to Steal Crypto Wallets and Deploy Persistent Backdoor
Malware

29 May 2026 dark6

The npm package forge-jsxy quietly stole cryptocurrency wallet keys, browser credentials, and developer data across Windows, macOS, and Linux —...
Grafana GitHub Breach: TanStack npm Supply Chain Attack Leads to Source Code Theft and Ransom Demand
Databreach

27 May 2026 dark6

Grafana Labs has confirmed a ransomware-linked breach of its GitHub environment traced to the TanStack npm supply chain compromise. Attackers...
TeamPCP Poisons Microsoft’s Official Python DurableTask SDK — Multi-Cloud Credential Worm Hits PyPI
Cybercrime

27 May 2026 dark6

The TeamPCP threat group has compromised three consecutive versions of Microsoft's official Python DurableTask SDK on PyPI, injecting a worm-like...