A new coordinated cross-ecosystem software supply chain attack campaign has targeted npm, PyPI, and Crates.io to distribute credential-stealing malware. The campaign, codenamed TrapDoor, spans more than 34 malicious packages across …
Tag:
malware
Researchers have spotted a modular cloud worm that will clear you of any infections by the dangerous supply chain attacker “TeamPCP,” free of charge. The catch: It wants your secrets. …
Safety & Security
Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers
by David Walker
Ravie LakshmananMar 19, 2026Cyber Espionage / Threat Intelligence Cybersecurity researchers have flagged a new malware dubbed Speagle that hijacks the functionality and infrastructure of a legitimate program called Cobra DocGuard. …
Safety & Security
Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More
by David Walker
Ravie LakshmananFeb 23, 2026Cybersecurity / Hacking Security news rarely moves in a straight line. This week, it feels more like a series of sharp turns, some happening quietly in the …
Safety & Security
OpenClaw integrates VirusTotal malware scanning as security firms flag enterprise risks
by David Walker
Security vendor Noma reported that 53% of its enterprise customers gave OpenClaw privileged access over a single weekend, according to a January 30 Gartner analysis. Gartner characterized OpenClaw as “a …
Linux systems may soon be facing a new threat with an advanced, cloud-first malware framework developed by China-affiliated actors that’s aimed at establishing persistent access to cloud and container environments. …
Safety & Security
Iranian Infy APT Resurfaces with New Malware Activity After Years of Silence
by David Walker
Threat hunters have discerned new activity associated with an Iranian threat actor known as Infy (aka Prince of Persia), nearly five years after the hacking group was observed targeting victims …
Safety & Security
Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads
by David Walker
Cybersecurity researchers are calling attention to a new campaign that’s leveraging GitHub-hosted Python repositories to distribute a previously undocumented JavaScript-based Remote Access Trojan (RAT) dubbed PyStoreRAT. “These repositories, often themed …
To the victim, the .lnk file looked like it opened a folder or launched a trusted application, but in reality, it could execute an arbitrary script, a dropper, or living-off-the …
Safety & Security
Google Uncovers PROMPTFLUX Malware That Uses Gemini AI to Rewrite Its Code Hourly
by David Walker
Nov 05, 2025Ravie LakshmananArtificial Intelligence / Threat Intelligence Google on Wednesday said it discovered an unknown threat actor using an experimental Visual Basic Script (VB Script) malware dubbed PROMPTFLUX that …
- 1
- 2