Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

BTMOB Android malware service generates custom phishing payloads

An Android remote access trojan named BTMOB is offered to cybercriminals with a builder interface for generating malware ...
Microsoft

The Gentlemen ransomware: Dissecting a self-propagating Go encryptor

Microsoft Threat Intelligence presents a comprehensive analysis of The Gentlemen, a Go-based ransomware deployed by ...
Bleeping Computer

Hackers exploit FortiClient EMS flaw to push infostealer malware

Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ. The attacker ...
SecurityWeek

Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack

The Megalodon supply chain attack poisoned over 5,500 GitHub repositories via automated commits injecting GitHub Actions workflows.

‘TrapDoor’ malware targets crypto dev tools in supply chain attack

Developer platform Socket says a malware called TrapDoor is targeting crypto and AI developers across npm, PyPI and Crates, aiming to steal crypto wallet info and browser data.
app.com

ANY.RUN Releases Malware Trends Report for Q4 2025, Highlighting Key Threat Landscape Shifts

DUBAI, DUBAI, UNITED ARAB EMIRATES, January 7, 2026 /EINPresswire.com/ — ANY.RUN, a leading provider of interactive malware analysis and threat intelligence ...
BizTech

How Can Public and Private Key Encryption Protect Private Data?

As part of daily operations, small businesses may need to collect or exchange sensitive data that should be protected. It could be a financial transaction, a mailing address or some other personally ...
Security Boulevard

JDownloader Website Hacked to Replace Installers With Python RAT Malware

The official JDownloader website was compromised between May 6 and May 7, 2026, with attackers replacing Windows and Linux installer download links with malicious payloads. JDownloader is a widely ...
Dark Reading

VoidStealer Malware Darts Past Google Chrome's Encryption

In another sign that browsers continue to be a prime attack target, authors of the VoidStealer Trojan have uncovered a way to bypass a Chrome security feature designed to protect session cookies and ...
IEEE

Experience Report: Using JA4+ Fingerprints for Malware Detection in Encrypted Traffic

Abstract: Detection of malware communications is limited due to encryption. Malware control, updates, and distribution are encapsulated in TLS tunnels, making it difficult to distinguish between ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft. As of writing, ...