7+ hour, 55+ min ago  (446+ words) Nozomi Networks Labs published critical research detailing three new vulnerabilities in the CODESYS Control runtime. When chained together, these security flaws allow an authenticated attacker with low-level privileges to replace a legitimate industrial control application with a backdoored version. Ultimately,…...

5+ hour, 22+ min ago  (465+ words) A newly uncovered npm malware campaign is targeting packages linked to Namastex Labs, abusing developer trust to steal sensitive secrets and silently spread across both npm and Py PI ecosystems. The malicious activity centers on Namastex. ai, a company that…...

5+ hour ago  (309+ words) A previously unknown cyber sabotage framework called fast16, whose core components date back to 2005. This makes it the earliest known sabotage malware of its kind, predating the infamous Stuxnet worm by at least five years. The fast16 framework consists of two primary…...

3+ day, 2+ hour ago  (688+ words) Hackers are experimenting with a new Telegram'focused session stealer that hides in a Pastebin'hosted Power Shell script posing as a Windows telemetry update, giving defenders a rare view into how such tools are built and tested. The script does not…...

3+ day, 5+ hour ago  (210+ words) A high-severity security vulnerability has been discovered in Python's'asyncio'module on Windows, potentially allowing attackers to write data beyond the boundaries of an allocated memory buffer. The root cause is a missing boundary check on the data buffer when the optional'nbytes'parameter…...

3+ day, 7+ hour ago  (632+ words) Hackers are using Telegram bots and AI tooling to run a structured, at-scale exploitation campaign abusing the critical React2 Shell vulnerability (CVE-2025-55182), with evidence of 900+ confirmed compromises. Investigators found an exposed server tied to the Bissa scanner platform, used for multi-victim…...

4+ day, 2+ hour ago  (600+ words) Malicious npm package'js-logger-pack'is now abusing Hugging Face not just as a malware CDN, but also as a live exfiltration backend for stolen data, turning a popular AI platform into part of a full-featured cross'platform implant chain. Earlier campaign phases already…...

4+ day, 5+ hour ago  (300+ words) A severe supply chain attack has compromised the popular Python package Xinference, exposing developers to massive data theft. Threat actors uploaded malicious versions of the tool to the Python Package Index (Py PI), embedding a heavily obfuscated infostealer into the…...

4+ day, 6+ hour ago  (280+ words) A massive software supply chain attack has targeted the official Checkmarx KICS (Keeping Infrastructure as Code Secure) Docker Hub repository. The compromised KICS images were bundled with a modified Golang binary. This binary was engineered to generate uncensored Infrastructure as…...

5+ day, 27+ min ago  (771+ words) A coordinated malware operation is abusing fake Git Hub repositories to distribute a Lua JIT-based loader, Smart Loader, and a follow-on Steal C infostealer, with at least 109 malicious repos active across 103 accounts. The campaign blends cloned open source code, obfuscated…...