HACKING CATEGORY MALWARE 

HAI() | COMMUNICATION() | HACKING() | HARDWARE() | LAN() | MALWARE() | MOBIL() | OS() | SOFTWARE() | WEB()

DATE NAME INFO CATEGORY SUBCATE
11.06.2026 NPM Ignore Scripts Best NPM Ignore Scripts Best Practices as Security Mitigation for Malicious Packages HACKING Malicious package
06.06.2026 TanStack Supply Chain Attack On 11 May 2026, the threat actor group TeamPCP compromised 42 TanStack npm packages by chaining three GitHub Actions vulnerabilities to hijack the project's legitimate CI/CD pipeline. The attackers then published 84 malicious package versions carrying valid SLSA Build Level 3 provenance attestations, making them indistinguishable from legitimate releases by standard verification methods. HACKING Malicious package
03.06.2026 1-Click GitHub Token Stealing via a VSCode Bug Just by clicking a link, it’s possible for an attacker to steal a GitHub token that can read and write to your repos, including private ones.  HACKING SCRIPT
23.04.2026 Checkmarx KICS images Malicious Checkmarx Artifacts Found in Official KICS Docker Repository and Code Extensions HACKING Malicious
08.04.2026 Python-Based Backdoor and Changes in Distribution Techniques Malicious LNK Files Distributing a Python-Based Backdoor and Changes in Distribution Techniques (Kimsuky Group) HACKING MALWARE
08.04.2026 Handala Handala: MOIS Linked Cyber Influence Ecosystem Threat Intelligence Assessment HACKING MALWARE
08.04.2026 DPRK Malware Modularity DPRK Malware Modularity: Diversity and Functional Specialization HACKING MALWARE
08.04.2026 Qilin EDR killer infection chain Endpoint detection and response (EDR) tools are widely deployed and far more capable than traditional antivirus. As a result, attackers use EDR killers to disable or bypass them. HACKING RANSOMWARE
10.03.2026 GhostClaw GhostClaw Unmasked: A Malicious npm Package Impersonating OpenClaw to Steal Everything HACKING MALWARE
20.02.2026 AgreeToSteal AgreeToSteal: The First Malicious Outlook Add-In Leads to 4,000 Stolen Credentials HACKING Malicious 
13.12.2025 EtherHiding Hiding Web2 Malicious Code in Web3 Smart Contracts HACKING MALWARE
15.11.2025 Remote Wipe Tactics Targeting Android Devices The Genians Security Center (GSC) has identified new attack activity linked to the KONNI APT campaign, which is known to be associated with the Kimsuky or APT37 groups.  HACKING MALWARE
03.11.2025 Tap-and-Steal Tap-and-Steal: The Rise of NFC Relay Malware on Mobile Devices HACKING Malware
26.10.2025 EtherHiding Hiding Web2 Malicious Code in Web3 Smart Contracts HACKING Malware
24.08.2025 DOM-based Extension Clickjacking DOM-based Extension Clickjacking: Your Password Manager Data at Risk HACKING CRYPTOCURRENCY
21.08.2025 DOM-based Extension Clickjacking DOM-based Extension Clickjacking: Your Password Manager Data at Risk HACKING CRYPTOCURRENCY
04.04.2025 ClickFix tactic From Contagious to ClickFake Interview: Lazarus leveraging the ClickFix tactic HACKING CRYPTOCURRENCY
02.04.2025 CPU_HU: Fileless cryptominer CPU_HU: Fileless cryptominer targeting exposed PostgreSQL with over 1.5K victims HACKING CRYPTOCURRENCY
01.04.2025 Earth Alux The Espionage Toolkit of Earth Alux: A Closer Look at its Advanced Techniques HACKING CyberSpionage
27.03.2025 UI/UX changes Over 150K websites hit by full-page hijack linking to Chinese gambling sites HACKING INJECT
20.03.2025 Auto Dealership Supply Chain Attack Over 100 auto dealerships were being abused compliments of a supply chain attack of a shared video service unique to dealerships.  HACKING MALWARE
28.11.2024 Dozens of Machines Infected Dozens of Machines Infected: Year-Long NPM Supply Chain Attack Combines Crypto Mining and Data Theft HACKING Crypto Mining
05.09.2024 Macropack Threat actors using MacroPack to deploy Brute Ratel, Havoc and PhantomCore payloads HACKING Malware
30.08.2024 Malicious npm Packages North Korea Still Attacking Developers via npm HACKING Malware
09.07.2024 Jenkins Script Console Turning Jenkins Into a Cryptomining Machine From an Attacker's Perspective HACKING CRYPTOCURRENCY
28.05.2024 Server Side Credit Card Skimmer Lodged in Obscure Plugin Attackers are always finding new ways to inject malware into websites and new ways to obscure it to avoid detection, but they’re always up to their same old tricks. In this post, we’ll explore how attackers are using a very obscure PHP snippet WordPress plugin to install server-side malware to harvest credit card details from a WooCommerce online store.  HACKING inject malware
27.05.2024 HTML Smuggling HTML smuggling is an innovative attack technique, which abuses HTML5 and JavaScript features to inject or extract data across network boundaries.  HACKING HTML
11.04.2024 Trick Developers Detected in an Open Source Supply Chain Attack In a recent attack campaign, cybercriminals were discovered cleverly manipulating GitHub's search functionality, and using meticulously crafted repositories to distribute malware.  HACKING inject malware