· about 11 hours ago· Ars Technica
Massive Indian Botnet Disrupted, 17 Million Devices Seized Online
The botnet was reportedly tied to a Russia-based residential proxy network.
#botnet#cybersecurity#malware#network-security
Topic
#malware
17 articles found
· about 24 hours ago· The Hacker News
Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels
The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed to a fresh set of cyber attacks targeting South Korean military and corporate entities through March and April 2026. "Kimsuky employed a range of tailored social engineering tactics, such as spoo
#cybersecurity#north-korea#malware#threat-actor#espionage
· 1 day ago· ZDNet
Perplexity unveils Bumblebee: A unique read-only dev scanner surpassing Chainguard
The AI company's Bumblebee tool tackles your most urgent question after any supply‑chain advisory: Do your programmers have this malware installed?
#ai#dev-tools#malware#supply-chain#cybersecurity
· 1 day ago· SecurityWeek
Russia-Backed Hackers Leverage AI to Launch Devastating Cyber Warfare Assault
Researchers warn GreyVibe’s extensive use of ChatGPT, Gemini, and other AI tools offers a glimpse into how future cybercriminal and state-aligned groups will operate. The post Russia-Linked ‘GreyVibe’ Attackers Use AI to Supercharge Cyberattacks appeared first on SecurityWeek.
#cybersecurity#ai#russia#cyberattacks#malware
· 2 days ago· Dev.to
Analysis temporarily unavailable. Please try again in a moment.
Like a lot of developers in this market, I’ve been taking freelance assessments and Discord job leads more seriously than I normally would. One of those assessments turned into a malware investigation. One day, I saw a post in a Discord server looking for a fullstack dev. I pitched. The reply looked
#cloud-security#malware#svg-files#freelance-developers
· 3 days ago· Cybersecurity Dive
Glassworm Botnet Disrupted in Major Global Cybersecurity Operation
The botnet began in early 2025, targeting software developers across the open-source supply chain.
#botnet#cybersecurity#open-source#malware#threat-intelligence
· 3 days ago· Bleeping Computer
Glassworm botnet dismantled following effective C2 infrastructure crackdown
The Glassworm botnet targeting developers in software supply-chain attacks has been disrupted after researchers took down its resilient command-and-control infrastructure relying on Solana blockchain transactions and the BitTorrent DHT network. [...]
#botnet#cybersecurity#supply-chain-attacks#blockchain#malware
· 3 days ago· The Hacker News
GlassWorm Malware Disruption Impacts Developer Supply Chain Operations
CrowdStrike, in partnership with Google and the Shadowserver Foundation, has announced the simultaneous disruption of all command-and-control (C2) channels associated with GlassWorm, a persistent software chain campaign targeting software developers through malicious packages and extensions. "Since
#malware#cybersecurity#supply-chain-security#threat-intelligence
· 3 days ago· MediaNama
CERT-In unveils strategy to combat AI-driven cyber threats in India
CERT-In has released a new blueprint detailing how organisations should defend against AI-assisted cyber threats, including deepfake attacks and AI-generated malware. The post CERT-In releases blueprint for defending against AI-assisted cyber threats appeared first on MEDIANAMA.
#ai#cybersecurity#deepfake#malware#india
· 3 days ago· SecurityWeek
GlassWorm Botnet Neutralized in Major Security Operation
Security firms took down all four command-and-control (C&C) channels used by the GlassWorm malware. The post GlassWorm Botnet Disrupted appeared first on SecurityWeek.
#cybersecurity#malware#botnet#threat-intelligence
· 3 days ago· SecurityWeek
AI Assistants Hijacked to Deliver Stealthy Supply Chain Attacks
Malicious repositories and disguised symlinks can trick AI coding agents into silently installing attacker-controlled MCP servers capable of stealing secrets, compromising CI pipelines, and deploying malicious code. The post ‘SymJack’ Attack Turns AI Coding Agents Into Supply Chain Attack Delivery S
#ai-security#supply-chain-attacks#malware#cybersecurity#ai-coding
· 3 days ago· Bleeping Computer
Zero-day vulnerability in KnowledgeDeliver enables web shell installation
Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell. [...]
#zero-day#cybersecurity#web-shells#vulnerability#malware
· 3 days ago· Dark Reading
Unveiling the Masters Behind Shai-Hulud: A Tale of Skill or Luck
TeamPCP, the hackers behind the Shai-Hulud worm, has done significant damage to the open source ecosystem. But it's not necessarily due to skill alone.
#cybersecurity#hacking#malware#opensource
· 3 days ago· Decrypt
Analysis temporarily unavailable. Please try again in a moment.
Cybercriminals are weaponizing the hype surrounding Grand Theft Auto 6, flooding the internet with GTA phishing traps and malware.
#gta-6#phishing#cybersecurity#malware#cryptocurrency-threats
· 4 days ago· Dev.to
Analysis temporarily unavailable. Please try again in a moment.
On April 29th, Aikido researchers detected multiple compromised Node.js packages in SAP's namespace today. The malware adapts to CI environments, steals GitHub personal access tokens, and uses them to self-propagate—a pattern consistent with recent supply-chain attacks. Between May 11th and May 12th
#cloud#supply-chain#malware#cybersecurity#nodejs
· 4 days ago· The Hacker News
Iranian Cybercriminals Utilize MiniFast and MiniJunk V2 Through Phishing Tactics
The Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC1549) has been attributed to a fresh campaign using lures impersonating organizations in the aviation and software sectors across the U.S., Europe, and the Middle East following the joint U.S.-Israeli mi
#iranian-hackers#phishing#cybersecurity#malware#seo-poisoning
· 5 days ago· SecurityWeek
Megalodon Malware Targets Over 5,500 GitHub Repositories in Devastating Supply Chain Hit
Fake automated commits injected GitHub Actions workflows containing payloads to steal credentials, CI secrets, keys, and tokens. The post Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack appeared first on SecurityWeek.
#supply-chain-attacks#github-security#malware#credentials-theft#cybersecurity