North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets

03/07/2026

Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to facilitate remote access and data

Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer

03/07/2026

A previously undocumented threat actor known as Armored Likho has been attributed to cyber attacks targeting government agencies and the electric power sector across Russia, Brazil, and Kazakhstan. “Armored Likho

European Parliament Member Investigating Spyware Was Hacked With Pegasus

03/07/2026

A new report from the Citizen Lab has revealed that former Member of the European Parliament Stelios Kouloglou had his mobile device repeatedly hacked with the notorious Pegasus spyware while

PamStealer Uses Fake Maccy Sites and PAM Checks to Steal Mac Login Passwords

03/07/2026

Cybersecurity researchers have flagged a new macOS information stealer called PamStealer that employs a series of clever tricks to infect systems and siphon sensitive data. The stealer, discovered by Jamf

Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials

02/07/2026

Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 (CVE-2025-5777) vulnerability to obtain initial access. “Although tactics differ between affiliates, common patterns emerged

Google Disrupts NetNut Residential Proxy Network Spanning 2 Million Home Devices

02/07/2026

Google has significantly degraded NetNut, one of the biggest networks that turns home devices into rented relays for other people’s traffic. Working with the FBI, Lumen, and others, Google’s Threat

ThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories

02/07/2026

This week’s security news is mostly about weak spots. Browsers, bots, sandboxes, AI systems, and email flows all show the same problem in different ways. Everything looks normal until someone

ToddyCat-Linked Umbrij Malware Abuses OAuth to Access Gmail via Google API

02/07/2026

The threat actor known as ToddyCat has been attributed to a new malware called Umbrij that’s designed to gain surreptitious access to a victim’s email correspondence via the Google API.

Identity Lifecycle Management Wasn’t Built for AI Agents 

02/07/2026

Identity lifecycle management was architected around a person with an employment record, a manager, and a departure date. AI agents have none of those. As autonomous principals proliferate across enterprise

FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations

02/07/2026

The recently discovered financially-motivated FortiBleed campaign has been attributed to INC and Lynx ransomware operations, indicating that the verified, stolen credentials were intended for follow-on intrusions. “An operator tied to