Meteora Web1d ago

🚨 NEWS: Pacchetti Microsoft infettati da credential steeler: l'attacco colpisce gli agenti AI

Ecco i punti chiave in breve:
💡 Per la seconda volta in poche settimane, i repository Microsoft sono stati infiltrati da pacchetti malevoli progettati per rubare credenziali. Un'analisi recente ha scoperto 73 pac...

🚀 LINK: https://meteoraweb.com/news/pacchetti-microsoft-infettati-da-credential-steeler-lattacco-colpisce-gli-agenti-ai

#malware #microsoft #attaccoSupplyChain #sicurezzaAI #credentialStealer

Analyst207May 23

Malicious Laravel-Lang Packages Deliver Cross-Platform Credential Stealer

A massive wave of malicious Laravel-Lang packages, with over 700 versions released in just two days, has been used to spread a sneaky cross-platform credential stealer. Security researchers warn that multiple PHP packages from the Laravel-Lang organization were compromised, hinting at a large-scale breach of the organization's…

https://osintsights.com/malicious-laravel-lang-packages-deliver-cross-platform-credential-stealer?utm_source=mastodon&utm_medium=social

#MalwareOperations #Laravel #CredentialStealer #Php #SupplyChain

Malicious Laravel-Lang Packages Deliver Cross-Platform Credential Stealer

Discover malicious Laravel-Lang packages delivering cross-platform credential stealers and learn how to protect your project - read the details now and take action.

OSINTSights
Marcel SIneM(S)USMay 20
#npm-Wurm #ShaiHulud: Angriff der Klone | Security https://www.heise.de/news/npm-Wurm-Shai-Hulud-Angriff-der-Klone-11299094.html #OpenSource #DDoS #Malware #CredentialStealer
npm-Wurm Shai-Hulud: Angriff der Klone

Die Malware-Autoren hinter dem npm-Wurm Shai-Hulud haben die Quelltexte veröffentlicht. Nun erscheinen die ersten Klone.

heise online
Marcel SIneM(S)USMay 14
#SupplyChain-Angriff auf #TanStack: 42 Pakete kompromittiert | Developer https://www.heise.de/news/Supply-Chain-Angriff-auf-TanStack-42-Pakete-kompromittiert-11290715.html #npm #MiniShaiHulud #Patchday #CredentialStealer
Supply-Chain-Angriff auf TanStack: 42 Pakete kompromittiert

Zahlreiche TanStack-Pakete auf npm haben eine Supply-Chain-Attacke erlitten, offenbar im Rahmen der Angriffswelle „Mini Shai-Hulud“.

heise online
Analyst207May 12

Mini Shai-Hulud Worm Targets Multiple AI, Dev Packages

Meet the Mini Shai-Hulud worm, a sneaky new malware that's infiltrating AI and development packages through a clever supply-chain attack. This malicious code can steal sensitive data from cloud providers, cryptocurrency wallets, and even popular dev tools like GitHub Actions.

https://osintsights.com/mini-shai-hulud-worm-targets-multiple-ai-dev-packages?utm_source=mastodon&utm_medium=social

#SupplyChain #MalwareOperations #CredentialStealer #AiSecurity #Devsecops

Mini Shai-Hulud Worm Targets Multiple AI, Dev Packages

Learn how the Mini Shai-Hulud worm targets AI and dev packages, and take immediate action to secure your supply chain with expert guidance now.

OSINTSights
Analyst207May 7

PCPJack Credential Stealer Exploits CVEs to Spread Across Cloud Systems

Meet PCPJack, a sneaky credential stealer that's exploiting vulnerabilities to spread rapidly across cloud systems, swiping sensitive info from services like cloud, finance, and productivity tools. Its operators are after one thing: illicit financial gain.

https://osintsights.com/pcpjack-credential-stealer-exploits-cves-to-spread-across-cloud-systems?utm_source=mastodon&utm_medium=social

#CredentialStealer #CloudSecurity #EmergingThreats #MalwareOperations #CredentialTheft

PCPJack Credential Stealer Exploits CVEs to Spread Across Cloud Systems

Learn how PCPJack credential stealer exploits CVEs to spread across cloud systems, stealing sensitive data - protect your infrastructure now with expert security tips.

OSINTSights
Analyst207Apr 22

Malware Worm Exploits npm Packages to Hijack Developer Tokens

Meet CanisterSprawl, a sneaky self-propagating worm that's compromising npm packages and using stolen developer tokens to spread its reach. This malware goes beyond just stealing credentials, turning one infected environment into a web of additional package compromises.

https://osintsights.com/malware-worm-exploits-npm-packages-to-hijack-developer-tokens?utm_source=mastodon&utm_medium=social

#NpmMalware #SupplyChain #MalwareWorm #CredentialStealer #Canistersprawl

Malware Worm Exploits npm Packages to Hijack Developer Tokens

Learn how CanisterSprawl, a self-propagating npm worm, exploits packages to hijack developer tokens and take action now to secure your environment effectively.

OSINTSights
jfkNov 24, 2025

Oh no. Here we go again! Another wave of compromised #npm packages. Check your dependencies! This time it even deletes your home directory, if it does not find any secrets 😱

https://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomains

And it appears that the worm is quite successful again: https://github.com/search?q=sha1-hulud&type=repositories

#ShaiHulud #Malware #CredentialStealer #SupplyChain #SupplyChainAttack #InfoSec

The threat actors behind Shai Hulud has struck again, hitting Zapier and Ensdomains

A new variant of Shai Hulud has hit Zapier and Ensdomains

Ars Technica NewsSep 22, 2025
Here’s how potent Atomic credential stealer is finding its way onto Macs https://arstechni.ca/Axzs #credentialstealer #malvertising #Security #Biz&IT #atomic #Apple #MacOS #amos
Here’s how potent Atomic credential stealer is finding its way onto Macs

LastPass warns it’s one of the latest to see its well-known brand impersonated.

Ars Technica
Christoffer S.May 31, 2023

Rhadamanthys Stealer has it's own web, I had missed that completely.

Yet another sign that the Stealer market is growing, maturing and getting increasingly professional and an important part of the ecosystem.

#ThreatIntelligence #Stealer #CredentialStealer #Malware