On May 20, GitHub disclosed that a compromised VS Code extension installed by an employee allowed the hacker group TeamPCP to steal credentials, clone roughly 3,800 private repositories, and list the source code for a $50,000 auction on the dark web, highlighting a severe software‑supply‑chain threat.
On May 14, 2026 three malicious versions of the node‑ipc package were published to npm, injecting obfuscated payloads that steal cloud credentials, SSH keys, AI tool configurations and other sensitive files, and the article analyses the attack stages, historical repeats, npm's structural flaws, and concrete blue‑team mitigation steps.
On May 14, 2026, security teams uncovered three malicious node‑ipc npm releases that used a Lily‑Pad account‑hijack technique to inject an 80 KB obfuscated payload, exfiltrate credentials via DNS TXT tunneling, and prompt immediate version audits and credential rotation.
In May 2026, VECERT flagged threat actor NormalLeVrai for stealing credentials and admin access from France’s Fédération Française de Ball‑Trap (FFBT), selling the data on dark‑web markets; the breach, still under investigation, highlights the actor’s focus on French organizations, low‑price bulk sales, and the need for immediate password resets, MFA, and continuous monitoring.
A publicly exposed server revealed a large‑scale automated attack in which threat actors used the Bissa scanner tool, AI‑assisted code, and hard‑coded Telegram bots to exploit the React2Shell (CVE‑2025‑55182) vulnerability, stealing credentials from more than 900 enterprises and reporting each success in real time.
Security researchers reveal that by embedding malicious UNC paths in specially crafted Outlook 365 emails or meeting invites, attackers can trigger automatic SMB authentication, steal the victim’s Net‑NTLMv2 hash, and subsequently perform offline cracking or NTLM relay attacks, posing a high‑stealth threat to enterprises.
A malicious PyPI release of litellm (version 1.82.8) injects a .pth file that auto‑executes, harvests SSH keys, cloud credentials, and other secrets, encrypts them, exfiltrates to a fake domain, and can spread through Kubernetes, prompting urgent removal and credential rotation.
A supply‑chain breach of the popular LiteLLM Python library injected malicious .pth files that silently harvest SSH keys, cloud credentials, and other secrets, deploy persistent backdoors, and spread through downstream packages, prompting urgent detection and remediation steps for developers.
The article details how compromised LiteLLM versions 1.82.7 and 1.82.8 on PyPI embed a malicious .pth file that runs on every Python start, harvests credentials, exfiltrates them via an unauthenticated endpoint, and creates Kubernetes pods for lateral movement, then provides detection and remediation steps.
The report details how the GhostClaw/GhostLoader campaign leverages trusted GitHub repositories and AI‑assisted development workflows to deliver a multi‑stage macOS payload that steals credentials, contacts a single C2 domain, and establishes persistence, while providing blue‑team detection and mitigation guidance.
Over 300,000 users have installed 30 malicious Chrome extensions that pose as AI assistants, stealing account credentials, email content and browsing data; the most popular, Gemini AI Sidebar, had 80,000 installs before removal, and the extensions share a common backend infrastructure.
The article reveals how a seemingly harmless XSS flaw in an internal development platform can be weaponized to steal high‑privilege credentials, pivot across internal services, and ultimately breach production systems, urging teams to treat development environments as critical security frontiers.
This article examines how adversaries target Jenkins automation servers, detailing common discovery methods, exploitation techniques such as Java deserialization and mis‑configured authentication, and practical red‑team demonstrations of credential extraction, script‑console abuse, and malicious job creation to illustrate mitigation recommendations.
