News
-
SAP-related npm packages hit by credential-stealing supply chain attack
SAP-related npm packages were compromised in an April 29 supply chain attack that inserted credential-stealing malware into four releases, affecting developer, GitHub, npm, cloud, and Kubernetes secrets, according to a technical analysis from Aikido Security.
-
North Korean hackers use AI to hide npm malware in Web3 supply chain
North Korean-linked hackers are using AI-generated code and layered npm packages to spread malware that steals cryptocurrency wallets and developer data, according to a technical analysis from ReversingLabs. The campaign has also expanded beyond npm to other platforms.
-
Europol-backed operation dismantles online fraud call centres in Albania
Europol-supported investigators have dismantled a Tirana-based online fraud network accused of causing at least EUR 50 million in losses. Ten people were arrested and cash, computers and phones were seized in coordinated raids.
-
LiteLLM flaw exploited within 36 hours of public disclosure
LiteLLM’s CVE-2026-42208 SQL injection was exploited within 36 hours of disclosure, with attackers targeting database tables that store provider keys and runtime settings. The flaw affects versions 1.81.16 through 1.83.6.
-
Vimeo says customer data exposed after Anodot breach
Vimeo said some customer and user data was accessed without authorization after the Anodot breach, including email addresses for some customers, technical data, video titles and metadata. The company said video content and payment data were not exposed.
-
Checkmarx says LAPSUS$ leaked data from stolen GitHub repository
Checkmarx said LAPSUS$ leaked 96GB of data stolen from its private GitHub repository after a March 23 compromise linked to a supply chain attack. The company said it has not found customer information so far.
-
Critical LeRobot flaw could let attackers run code on robotics systems
A critical flaw in Hugging Face’s LeRobot robotics platform could let an unauthenticated attacker run code on affected systems. The issue is tracked as CVE-2026-25874 and remains unpatched, with a fix planned for version 0.6.0.
-
Robinhood fixes account creation flaw used to send phishing emails
Robinhood said attackers abused a flaw in its account creation flow to send phishing emails from a legitimate company address. The company said no customer accounts, personal information or funds were impacted.
-
Medtronic confirms network breach after hackers claim theft of 9 million records
Medtronic said hackers breached corporate IT systems and may have accessed personal data after ShinyHunters claimed theft of more than 9 million records and terabytes of internal data.
-
PhantomCore linked to attacks on TrueConf servers in Russia
PhantomCore has been tied to attacks on TrueConf servers in Russia since September 2025, using three vulnerabilities to run commands remotely and move deeper into victim networks, according to a technical analysis by Positive Technologies.