Skip to main content

Tag: credential stealer

8 articles

A coding test setup in a brightly-lit computer lab with a laptop and blank screen.

North Korean Hackers Exploit Coding Tests with Steganography-Laced Malware

North Korean hackers are targeting software developers with a sneaky malware attack, hiding steganography-laced payloads in coding tests to steal sensitive data and cryptocurrency. This latest campaign, tracked as REF9403, is just another example of the DPRK's relentless pursuit of valuable information.

Analyst 207
Dimly lit computer terminal in a quiet workspace with blurred background elements.

Arch Linux AUR Packages Targeted in Credential Stealer Campaign

Malicious actors have hijacked over 400 Arch Linux AUR packages, quietly altering their build scripts to deploy a sneaky Rust credential stealer in a campaign dubbed Atomic Arch. By targeting abandoned packages and preserving their original names and histories, the attackers cleverly evaded detection.

Analyst 207
Server room with rows of computer servers and cables, laptops in foreground with some monitors displaying code or data.

Malware Worms Red Hat npm Packages, Targets Cloud Credentials

A single compromised Red Hat employee's GitHub account was used to seed dozens of Red Hat npm package releases with a self-propagating credential-stealer, putting cloud credentials at risk. The malicious packages, downloaded around 80,000 times a week, are still considered a live threat.

Analyst 207

Fortinet Flaw Exploited to Deploy Credential Stealer

Hackers have exploited a critical Fortinet flaw, CVE-2026-35616, to turn trusted systems into a launchpad for a sneaky new credential-stealing campaign. This vulnerability, with a near-perfect CVSS score of 9.1, allowed attackers to bypass security and wreak havoc.

Analyst 207
Cluttered desk with laptop showing PHP project, surrounded by coffee cups and coding notes in a modern office.

Malicious Laravel-Lang Packages Deliver Cross-Platform Credential Stealer

A massive wave of malicious Laravel-Lang packages, with over 700 versions released in just two days, has been used to spread a sneaky cross-platform credential stealer. Security researchers warn that multiple PHP packages from the Laravel-Lang organization were compromised, hinting at a large-scale breach of the organization's release process.

Analyst 207
Cluttered tech workspace with laptop and development tools on a desk.

Mini Shai-Hulud Worm Targets Multiple AI, Dev Packages

Meet the Mini Shai-Hulud worm, a sneaky new malware that's infiltrating AI and development packages through a clever supply-chain attack. This malicious code can steal sensitive data from cloud providers, cryptocurrency wallets, and even popular dev tools like GitHub Actions.

Analyst 207
Rows of computer servers and storage equipment in a neutral-colored data center with industrial flooring and cable…

PCPJack Credential Stealer Exploits CVEs to Spread Across Cloud Systems

Meet PCPJack, a sneaky credential stealer that's exploiting vulnerabilities to spread rapidly across cloud systems, swiping sensitive info from services like cloud, finance, and productivity tools. Its operators are after one thing: illicit financial gain.

Analyst 207
Security analysts respond to a cyber threat in a brightly-lit operations center with laptops and screens displaying code…

Malware Worm Exploits npm Packages to Hijack Developer Tokens

Meet CanisterSprawl, a sneaky self-propagating worm that's compromising npm packages and using stolen developer tokens to spread its reach. This malware goes beyond just stealing credentials, turning one infected environment into a web of additional package compromises.

Analyst 207