The Qilin ransomware group appears to be running the most powerful EDR killer available today, with the capability to terminate over 300 different EDR drivers from almost every vendor in the market
Axios project admin Jason Saayman says he lost access to the project through a social engineering attack where a threat actor lured him to collaborate on another project but infected him with malware that stole cookies, tokens, and credentials from his system
https://github.com/axios/axios/issues/10604#issuecomment-4167784086

more details: https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan Most likely, a maintainer's GitHub and npm accounts are compromised as these iss...
Watching the livestream of the Artemis II launch, I just witnessed one of the astronauts type in the password on their tablet while sitting in the capsule on camera.
#ArtemisII #Artemis #Artemis2 #NASA #InfoSec #cybersecurity #OpSec #Privacy #SpaceExploration
What comes to my mind with regard to vibe coding and agentic AI.
https://www.youtube.com/watch?v=snB8u_G3jVI
The other paradoxical point:
The whole stack is a pile of 🐶-💩 yet it's possible to do some incredible stuff as recent (sometimes mind-blowing) publications have shown (vuln. findings, pentesting, etc).
I also don't think that the prevailing AI in the future will be these massive bullshitting LLMs.

(crowdstrike.com) STARDUST CHOLLIMA Compromises Axios npm Package with Updated ZshBucket Malware in Supply Chain Attack
STARDUST CHOLLIMA (DPRK) compromised the Axios npm package (100K+ weekly downloads) via stolen maintainer credentials, deploying updated ZshBucket malware targeting Linux/macOS/Windows in a supply chain attack.
In brief - A DPRK-nexus threat actor conducted a supply chain compromise of the widely used Axios npm package, deploying cross-platform ZshBucket malware variants. The attack aligns with currency generation objectives, leveraging stolen credentials and infrastructure linked to prior STARDUST CHOLLIMA and FAMOUS CHOLLIMA operations.
Technically - The updated ZshBucket variants introduce a JSON-based C2 protocol, enabling binary payload injection, arbitrary command execution, and file system enumeration. macOS variants reuse legacy code while Windows/Linux versions expand capabilities. C2 infrastructure sfrclak[.]com (142.11.206[.]73) shares host banner hashes (c373706b3456c36e8baa0a3ee5aed358c1fe07cba04f65790c90f029971e378a) with known STARDUST CHOLLIMA (23.254.203[.]244) and FAMOUS CHOLLIMA (23.254.167[.]216) IPs, confirming attribution.
Source: https://www.crowdstrike.com/en-us/blog/stardust-chollima-likely-compromises-axios-npm-package/
„By Wednesday morning, Anthropic representatives had used a copyright takedown request to force the removal of more than 8,000 copies and adaptations of the raw Claude Code instructions—known as source code—that developers had shared on programming platform GitHub.“
Because if there’s one thing GenAI companies absolutely don’t take lightly, it’s copyright.
https://www.wsj.com/tech/ai/anthropic-races-to-contain-leak-of-code-behind-claude-ai-agent-4bc5acc7
Age verification clearly doesn't belong in #systemd. We should have never merged this. Instead this should be incrementally added to the kernel itself. I'm doing my part:
https://lore.kernel.org/all/20260401-i-hope-someone-believes-this-is-real-04f24e03944e@brauner