Tag: worm
-
New GlassWorm Threat Uses Stealthy Code to Target OpenVSX Extensions
GlassWorm is the world’s first self-propagating worm targeting VS Code extensions in the OpenVSX marketplace, unleashing invisible malicious payloads and decentralized command infrastructure that make it nearly impossible to detect or dismantle. First identified on October 17, 2025, GlassWorm hijacks developer machines via invisible Unicode code, harvests credentials, drains cryptocurrency wallets, and transforms infected systems…
-
Self-Propagating GlassWorm Attacks VS Code Supply Chain
The sophisticated worm, which uses invisible code to steal credentials and turn developer systems into criminal proxies, has so far infected nearly 36k machines. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/self-propagating-glassworm-vs-code-supply-chain
-
âš¡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More
Every week, the cyber world reminds us that silence doesn’t mean safety. Attacks often begin quietly, one unpatched flaw, one overlooked credential, one backup left unencrypted. By the time alarms sound, the damage is done.This week’s edition looks at how attackers are changing the game, linking different flaws, working together across borders, and even turning…
-
âš¡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More
Every week, the cyber world reminds us that silence doesn’t mean safety. Attacks often begin quietly, one unpatched flaw, one overlooked credential, one backup left unencrypted. By the time alarms sound, the damage is done.This week’s edition looks at how attackers are changing the game, linking different flaws, working together across borders, and even turning…
-
âš¡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More
The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons from the field.This recap cuts through the noise to share what really matters”, key trends, warning signs, and stories shaping today’s security landscape. Whether you’re defending systems or just keeping up, these…
-
âš¡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More
The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons from the field.This recap cuts through the noise to share what really matters”, key trends, warning signs, and stories shaping today’s security landscape. Whether you’re defending systems or just keeping up, these…
-
Cybersecurity Snapshot: CISA Highlights Vulnerability Management Importance in Breach Analysis, as Orgs Are Urged To Patch Cisco Zero-Days
Tags: 2fa, access, advisory, api, attack, authentication, breach, business, cisa, cisco, cloud, control, credentials, crime, cve, cyber, cybersecurity, data, defense, endpoint, exploit, fido, finance, firewall, framework, github, grc, guide, identity, incident response, infrastructure, Internet, ISO-27001, kev, law, lessons-learned, malicious, malware, mfa, mitigation, monitoring, network, open-source, phishing, privacy, ransomware, risk, saas, scam, security-incident, service, soc, software, supply-chain, tactics, threat, update, vpn, vulnerability, vulnerability-management, worm, zero-dayCISA’s takeaways of an agency hack include a call for timely vulnerability patching. Plus, Cisco zero-day bugs are under attack, patch now. Meanwhile, the CSA issued a framework for SaaS security. And get the latest on the npm breach, the ransomware attack that disrupted air travel and more! Here are six things you need to…
-
ShadowV2 turns DDoS into a cloud-native subscription service
From botnet to business platform: ShadowV2 is not just malware, it is a marketplace. Darktrace uncovered a full operator interface built with Tailwind and FastAPI, complete with Swagger documentation, admin and user privilege tiers, blacklists, and modular attack options. The design mirrors legitimate SaaS platforms, featuring dashboards and animations that make DDoS as easy as…
-
âš¡ Weekly Recap: Chrome 0-Day, AI Hacking Tools, DDR5 Bit-Flips, npm Worm & More
The security landscape now moves at a pace no patch cycle can match. Attackers aren’t waiting for quarterly updates or monthly fixes”, they adapt within hours, blending fresh techniques with old, forgotten flaws to create new openings. A vulnerability closed yesterday can become the blueprint for tomorrow’s breach.This week’s recap explores the trends driving that…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 63
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter SmokeLoader Rises From the Ashes Hive0154, aka Mustang Panda, drops updated Toneshell backdoor and novel SnakeDisk USB worm Popular Tinycolor npm Package Compromised in Supply Chain Attack Affecting 40+ Packages Self-replicating Shai-hulud worm spreads…
-
A Dangerous Worm Is Eating Its Way Through Software Packages
Plus: An investigation reveals how US tech companies reportedly helped build China’s sweeping surveillance state, and two more alleged members of the Scattered Spider hacking group were arrested. First seen on wired.com Jump to article: www.wired.com/story/a-dangerous-worm-is-eating-its-way-through-software-packages/
-
Security News This Week: A Dangerous Worm Is Eating Its Way Through Software Packages
Plus: An investigation reveals how US tech companies reportedly helped build China’s sweeping surveillance state, and two more alleged members of the Scattered Spider hacking group were arrested. First seen on wired.com Jump to article: www.wired.com/story/a-dangerous-worm-is-eating-its-way-through-software-packages/
-
New Wave of Self-Replicating NPM Malware Exposes Critical Gaps in Software Supply Chain Security
The Shai-Hulud NPM worm highlights rising open-source supply chain threats. Secure builds with SBOMs, MFA, signed packages, and zero-trust defenses. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/new-wave-of-self-replicating-npm-malware-exposes-critical-gaps-in-software-supply-chain-security/
-
Shai-Hulud Worm – Supply-Chain-Angriff trifft über 180 npm-Pakete
First seen on security-insider.de Jump to article: www.security-insider.de/npm-pakete-supply-chain-angriff-malware-infektion-a-7058d3a07ba5184bbd66002da6001877/
-
New Shai-hulud Worm Infecting npm Packages With Millions of Downloads
ReversingLabs discovers >>Shai-hulud,
-
Shai-Hulud Worm Prowls npm to Steal Hundreds of Secrets
Tags: wormA secret-stealing worm is spreading fast across the npm ecosystem, experts have warned First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/supply-chain-worm-hundreds-npm/
-
Self-Replicating Worm Compromising Hundreds of NPM Packages
An ongoing supply chain attack dubbed “Shai-Hulud” has compromised hundreds of packages in the npm repository with a self-replicating worm that steals secrets like API key, tokens, and cloud credentials and sends them to external servers that the attackers control. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/self-replicating-worm-compromising-hundreds-of-npm-packages/
-
Self-Replicating ‘Shai-hulud’ Worm Targets NPM Packages
The newly emerged worm has spread across hundreds of open source software packages, stealing credentials and infecting other components without much direct attacker input. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/self-replicating-shai-hulud-worm-npm-packages
-
Self-replicating worm hits 180+ npm packages in (largely) automated supply chain attack
A potentially monumental supply chain attack is underway, thanks to a self-replicating worm-like payload that has been compromising packages published on the npm Registry. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/16/self-replicating-worm-hits-180-npm-packages-in-largely-automated-supply-chain-attack/
-
Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack
Cybersecurity researchers have flagged a fresh software supply chain attack targeting the npm registry that has affected more than 40 packages that belong to multiple maintainers.”The compromised versions include a function (NpmModule.updatePackage) that downloads a package tarball, modifies package.json, injects a local script (bundle.js), repacks the archive, and republishes it, enabling First seen on thehackernews.com…
-
Self-propagating supply chain attack hits 187 npm packages
Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated worm-style campaign dubbed ‘Shai-Hulud’ started yesterday with the compromise of the @ctrl/tinycolor npm package, and has now expanded to CrowdStrike’s npm namespace. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/self-propagating-supply-chain-attack-hits-187-npm-packages/
-
Self-propagating worm fuels latest npm supply chain compromise
Intrusions bear the same hallmarks as recent Nx mess First seen on theregister.com Jump to article: www.theregister.com/2025/09/16/npm_under_attack_again/
-
China-linked Mustang Panda deploys advanced SnakeDisk USB worm
China-linked APT group Mustang Panda has been spotted using a new USB worm called SnakeDisk along with a new version of known malware China-linked APT group Mustang Panda (aka Hive0154, Camaro Dragon, RedDelta or Bronze President) has been spotted using an updated version of the TONESHELL backdoor and a previously undocumented USB worm called SnakeDisk. Mustang Panda has been active since…
-
Mustang Panda Deploys SnakeDisk USB Worm to Deliver Yokai Backdoor on Thailand IPs
The China-aligned threat actor known as Mustang Panda has been observed using an updated version of a backdoor called TONESHELL and a previously undocumented USB worm called SnakeDisk.”The worm only executes on devices with Thailand-based IP addresses and drops the Yokai backdoor,” IBM X-Force researchers Golo Mühr and Joshua Chung said in an analysis published…
-
China-Aligned Hackers Unleash Upgraded Toneshell and New USB Worm
The post China-Aligned Hackers Unleash Upgraded Toneshell and New USB Worm appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/china-aligned-hackers-unleash-upgraded-toneshell-and-new-usb-worm/
-
Mustang Panda Uses SnakeDisk USB Worm and Toneshell Backdoor to Target Air-Gap Systems
IBM X-Force researchers have uncovered sophisticated new malware campaigns orchestrated by the China-aligned threat actor Hive0154, also known as Mustang Panda. The discovery includes an advanced Toneshell backdoor variant that evades detection systems and a novel USB worm called SnakeDisk specifically targeting Thailand-based devices. Enhanced Toneshell Backdoor Evades Detection The latest iteration of Toneshell, dubbed…
-
Grau Data präsentiert auf der it-sa Ransomware-Schutz für Backups mit Blocky for Veeam
Grau Data präsentiert auf der it-sa 2025 seinen Backup-Ransomware-Schutz Blocky for Veeam in der Version 3.5. Die Software ist derzeit der einzige Ransomware-Schutz für Backups, der direkt auf dem Veeam-Windows-Server aufsetzt und mit der erprobten Grau-Data-WORM (Write Once, Read Many) -Technologie einen unveränderlichen Schutzschild für Veeam-Backups erzeugt. Durch den Einsatz der WORM-Technologie verhindert Blocky for…
-
Cybercrime increasingly moving beyond financial gains
Tags: attack, awareness, business, ciso, computer, corporate, cyber, cyberattack, cybercrime, cybersecurity, defense, disinformation, espionage, finance, government, group, hacker, hacking, incident response, infrastructure, intelligence, iran, malicious, military, network, ransom, ransomware, risk, risk-analysis, russia, strategy, theft, threat, tool, ukraine, vulnerability, wormsrcset=”https://b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?quality=50&strip=all 892w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=223%2C300&quality=50&strip=all 223w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=768%2C1033&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=761%2C1024&quality=50&strip=all 761w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=518%2C697&quality=50&strip=all 518w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=125%2C168&quality=50&strip=all 125w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=62%2C84&quality=50&strip=all 62w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=357%2C480&quality=50&strip=all 357w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=268%2C360&quality=50&strip=all 268w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=186%2C250&quality=50&strip=all 186w” width=”761″ height=”1024″ sizes=”auto, (max-width: 761px) 100vw, 761px”> Incibe. En la imagen, Patricia Alonso GarcÃa.”We are very redundant when talking about cybercrime, because we always associate it with economic motivations,” says Hervé Lambert, global consumer operations…
-
30 Jahre Worms: Wurmkur mit Bazooka-Beigeschmack
Tags: wormDer Spieleklassiker Worms bohrt sich seit 30 Jahren in die Gaming-Geschichte – mal als Mehrspieler-Perle, mal als Solo-Zumutung. First seen on golem.de Jump to article: www.golem.de/news/30-jahre-worms-wurmkur-mit-bazooka-beigeschmack-2508-199088.html