Tag: credential stealer
8 articles

North Korean Hackers Exploit Coding Tests with Steganography-Laced Malware
North Korean hackers are targeting software developers with a sneaky malware attack, hiding steganography-laced payloads in coding tests to steal sensitive data and cryptocurrency. This latest campaign, tracked as REF9403, is just another example of the DPRK's relentless pursuit of valuable information.

Arch Linux AUR Packages Targeted in Credential Stealer Campaign
Malicious actors have hijacked over 400 Arch Linux AUR packages, quietly altering their build scripts to deploy a sneaky Rust credential stealer in a campaign dubbed Atomic Arch. By targeting abandoned packages and preserving their original names and histories, the attackers cleverly evaded detection.

Malware Worms Red Hat npm Packages, Targets Cloud Credentials
A single compromised Red Hat employee's GitHub account was used to seed dozens of Red Hat npm package releases with a self-propagating credential-stealer, putting cloud credentials at risk. The malicious packages, downloaded around 80,000 times a week, are still considered a live threat.
Fortinet Flaw Exploited to Deploy Credential Stealer
Hackers have exploited a critical Fortinet flaw, CVE-2026-35616, to turn trusted systems into a launchpad for a sneaky new credential-stealing campaign. This vulnerability, with a near-perfect CVSS score of 9.1, allowed attackers to bypass security and wreak havoc.

Malicious Laravel-Lang Packages Deliver Cross-Platform Credential Stealer
A massive wave of malicious Laravel-Lang packages, with over 700 versions released in just two days, has been used to spread a sneaky cross-platform credential stealer. Security researchers warn that multiple PHP packages from the Laravel-Lang organization were compromised, hinting at a large-scale breach of the organization's release process.

Mini Shai-Hulud Worm Targets Multiple AI, Dev Packages
Meet the Mini Shai-Hulud worm, a sneaky new malware that's infiltrating AI and development packages through a clever supply-chain attack. This malicious code can steal sensitive data from cloud providers, cryptocurrency wallets, and even popular dev tools like GitHub Actions.

PCPJack Credential Stealer Exploits CVEs to Spread Across Cloud Systems
Meet PCPJack, a sneaky credential stealer that's exploiting vulnerabilities to spread rapidly across cloud systems, swiping sensitive info from services like cloud, finance, and productivity tools. Its operators are after one thing: illicit financial gain.

Malware Worm Exploits npm Packages to Hijack Developer Tokens
Meet CanisterSprawl, a sneaky self-propagating worm that's compromising npm packages and using stolen developer tokens to spread its reach. This malware goes beyond just stealing credentials, turning one infected environment into a web of additional package compromises.