Security & IT News

The Indian Computer Emergency Response Team (CERT-In) has issued new guidelines requiring organizations to patch critical security vulnerabilities in internet-exposed systems within 12 hours of being flagged where "feasible" to safeguard against potential threats stemming from threat actors' abuse of artificial intelligence (AI) tools and large language models (LLMs) to automate vulnerability

Iran's Nimbus Manticore pushes AI-built MiniFast backdoor via phishing and SEO poisoning

CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as actively exploited. [...]

Microsoft has confirmed a new known issue affecting Windows Server 2016 systems that causes domain controller lookups to fail after installing the KB5087537 May 2026 security update. [...]

The Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC1549) has been attributed to a fresh campaign using lures impersonating organizations in the aviation and software sectors across the U.S., Europe, and the Middle East following the joint U.S.-Israeli military campaign against the country in late February 2026. The activity, besides embracing

The ShinyHunters extortion gang stole the personal information of over 183,000 people after hacking the systems of convenience store chain giant 7-Eleven in April, according to data breach notification service Have I Been Pwned. [...]

A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a zero-day to deliver the Godzilla web shell and ultimately facilitate the deployment of Cobalt Strike Beacon. The vulnerability, tracked as CVE-2026-5426 (CVSS score: 7.5), stems from the use of hard-coded ASP.NET machine keys, leading to

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Introduction In recent weeks, I've searched for pages impersonating Claude that distribute malware. In recent weeks, I've reliably found these sites through malicious ads in Google searches that lead to these pages, often concealed in URLs for sites.google[.]com , such as this example from 2026-05-11 . These fake Claude pages generally show instructions for macOS malware when viewed through a macOS system, and they will show instructions for Windows malware when viewed through a Windows system. Today's dairy shows an example of Windows malware from one of these pages seen on Monday, 2026-05-25. Based on the C2 domain for post-infection traffic, this appears to be an infection for ACR Stealer . Images Shown above: Web page impersonating Claude with a button to Download for Windows. Shown above: Instructions to install Claude on Windows are actually instructions that will infect a vulnerable computer with malware. Shown above: Traffic from a Windows host when following instructions from the fake Claude download page. Indicators of Compromise Fake Claude download page: hxxps[:]//fairpoint29.com/ From the above page, URL for the initial download: hxxps[:]//primemetricsa[.]com/1518925 Follow-up download: hxxps[:]//6ryuefl.creativecommunityinfo[.]art/Camel-91267b64-989f-49b4-89b4-9e015844d42d A further download: hxxps[:]//i.ibb[.]co/Xx16sbMz/init-block.jpg Domain for post-infection HTTPS traffic to C2 server: yw.enhanceblabber[.]cc Initial download: SHA256 hash: 70b5ecc110e074dbca92932c0e840ea3492ea0a43c3f215b71392c12b02213b2 File size: 2,416,902 bytes File type: Zip archive data, at least v1.0 to extract File location: hxxps[:]//primemetricsa[.]com/1518925 NOTE: There's an issue with this zip archive, so its contents will not extract correctly using typical extraction tools. Follow-up download, PowerShell script: SHA256 hash: a14c3ecf5eb3d2543358482e43dc765dbf9ee7a4bec7571f5ecb8829ca719692 File size: 4,177,395 bytes File type: ASCII text, with very long lines, with CRLF line terminators File location: hxxps[:]//6ryuefl.creativecommunityinfo[.]art/Camel-91267b64-989f-49b4-89b4-9e015844d42d A further download: SHA256 hash: 47fa746422f1bf6b7712dc6803378e6a995488007193a7441d790f70d204728f File size: 628,035 bytes File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 5256x5256, components 3 File location: hxxps[:]//i.ibb[.]co/Xx16sbMz/init-block.jpg NOTE: This image doesn't appear to be malicious, nor could I find any obvious signs of embedded data, but it's somehow related to this infection chain. --- Bradley Duncan brad [at] malware-traffic-analysis.net (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Anthropic appears to be preparing for the public rollout of the Mythos model, which was announced in April as a restricted model that poses major security risks to private and public software. [...]

Hackers compromised FBI Chief Kash Patel’s clothing store in a ClickFix attack that tricked macOS users into installing infostealer malware.

Microsoft Access files (Microsoft Office's Database) can contain VBA code. But they are not ole or OOXML files. You can't analyze them with oledump.py : Neither do they contain an embedded OLE file: Microsoft does not publish official documentation for the Microsoft Access file format, like it does for CFB (ole) and OOXML. That inspired me to add support for VBA compression to my search-for-compression.py tool. search-for-compression.py is a tool that searches through binary files, looking for data that is ZLIB compressed. I've now added the option to search for compressed VBA code too. That is done with option -t: There are 3 entries. The first 2 decompress to binary data (01 00 04 ...). These are similar to dir streams in ole files. dir streams specify VBA project properties, project references, and module properties. They can be dumped: The 3th one starts with ASCII data (Attritut). This is VBA code that can be selected and dumped: This example is simple, because it's just an empty database that I created for this diary entry. Real samples are a bit more complex. I'll cover some examples in an upcoming diary entry. Didier Stevens Senior handler blog.DidierStevens.com (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Monday recap. Same mess, new week. A sketchy dev tool got people pwned, old bugs came back from the dead, and security products somehow needed protecting from themselves. A bunch of companies spent the week checking old boxes and forgotten servers they should've patched years ago. Good times. Phishing crews are getting smarter too - less obvious scam junk, more targeted stuff that actually

TeamPCP now operates across three package ecosystems in parallel, it reached GitHub's own internal codebase, it trojanized an officially Microsoft-published Python SDK, and it appears to have open-sourced its own framework on GitHub. Bottom line up front Three escalations stacked inside a single week. First, GitHub's CISO Alexis Wales publicly named a malicious Nx Console VS Code extension build (v18.95.0, publisher nrwl.angular-console, verified-publisher badge, roughly 2.2 million installs) as the root of an intrusion that exfiltrated approximately 3,800 GitHub-internal repositories; OpenAI, Grafana Labs, and Mistral AI were named as downstream victims. The poisoned extension was live on the Visual Studio Marketplace for roughly 18 minutes. Second, an officially Microsoft-published Python SDK on PyPI ( durabletask , the Azure Durable Functions client, roughly 417,000 monthly downloads) was trojanized across three versions (1.4.1 through 1.4.3) inside an approximately 35-minute window, and independent reporting characterizes the second-stage payload as carrying a Linux disk wiper. Third, the same operator pushed a third Mini Shai-Hulud wave through the @antv npm ecosystem: 639 malicious package versions across 323 packages, including echarts-for-react (roughly 1.1 million weekly downloads) and size-sensor (roughly 4.2 million weekly downloads). Action: rotate any developer or CI/CD credentials exposed during the windows below, stop treating publisher-verified or attestation badges as install-time safety signals, and inspect AI coding agent configuration files for persistence. How this developed The week opened with a credentials-to-publish chain that nobody had previously walked end-to-end in public. Reporting from BleepingComputer and Help Net Security ties OIDC credentials harvested in the May 11 TanStack wave to the Nx Console publish on May 18, which means the same operator that built the worm two weeks earlier used its loot to push a trojanized VS Code extension through a verified-publisher account. In parallel, the same operator poisoned the @antv npm ecosystem through a compromised maintainer account ( atool ) and dropped a trojanized build of Microsoft's own durabletask SDK on PyPI. Within 72 hours, GitHub itself, Microsoft, and several named AI-lab developer endpoints were affected. By Friday, multiple vendors reported the Shai-Hulud framework source had been published to GitHub, and copycat forks were already running. What changed, by theme The GitHub-internal breach: a multi-stage operation that worked Takeaway: TanStack-harvested credentials from May 11 were used to publish the trojanized Nx Console extension that breached GitHub itself. This is the first publicly confirmed multi-stage operation in the campaign. On 2026-05-18 a malicious build of the Nx Console VS Code extension (v18.95.0, publisher nrwl.angular-console) was published to the Visual Studio Marketplace and was live for approximately 18 minutes before it was

TeamPCP now operates across three package ecosystems in parallel, it reached GitHub's own internal codebase, it trojanized an officially Microsoft-published Python SDK, and it appears to have open-sourced its own framework on GitHub. Bottom line up front Three escalations stacked inside a single week. First, GitHub's CISO Alexis Wales publicly named a malicious Nx Console VS Code extension build (v18.95.0, publisher nrwl.angular-console, verified-publisher badge, roughly 2.2 million installs) as the root of an intrusion that exfiltrated approximately 3,800 GitHub-internal repositories; OpenAI, Grafana Labs, and Mistral AI were named as downstream victims. The poisoned extension was live on the Visual Studio Marketplace for roughly 18 minutes. Second, an officially Microsoft-published Python SDK on PyPI ( durabletask , the Azure Durable Functions client, roughly 417,000 monthly downloads) was trojanized across three versions (1.4.1 through 1.4.3) inside an approximately 35-minute window, and independent reporting characterizes the second-stage payload as carrying a Linux disk wiper. Third, the same operator pushed a third Mini Shai-Hulud wave through the @antv npm ecosystem: 639 malicious package versions across 323 packages, including echarts-for-react (roughly 1.1 million weekly downloads) and size-sensor (roughly 4.2 million weekly downloads). Action: rotate any developer or CI/CD credentials exposed during the windows below, stop treating publisher-verified or attestation badges as install-time safety signals, and inspect AI coding agent configuration files for persistence. How this developed The week opened with a credentials-to-publish chain that nobody had previously walked end-to-end in public. Reporting from BleepingComputer and Help Net Security ties OIDC credentials harvested in the May 11 TanStack wave to the Nx Console publish on May 18, which means the same operator that built the worm two weeks earlier used its loot to push a trojanized VS Code extension through a verified-publisher account. In parallel, the same operator poisoned the @antv npm ecosystem through a compromised maintainer account ( atool ) and dropped a trojanized build of Microsoft's own durabletask SDK on PyPI. Within 72 hours, GitHub itself, Microsoft, and several named AI-lab developer endpoints were affected. By Friday, multiple vendors reported the Shai-Hulud framework source had been published to GitHub, and copycat forks were already running. What changed, by theme The GitHub-internal breach: a multi-stage operation that worked Takeaway: TanStack-harvested credentials from May 11 were used to publish the trojanized Nx Console extension that breached GitHub itself. This is the first publicly confirmed multi-stage operation in the campaign. On 2026-05-18 a malicious build of the Nx Console VS Code extension (v18.95.0, publisher nrwl.angular-console) was published to the Visual Studio Marketplace and was live for approximately 18 minutes before it was

Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used by Russia to carry out cyberattacks, influence operations and disinformation campaigns inside the European Union. The two men were the focus of a 2025 KrebsOnSecurity story about how their hosting companies had assumed control over the technical infrastructure of Stark Industries Solutions , an Internet service provider sanctioned last year by the EU as a frequent staging ground for cyber mischief from Russia’s intelligence agencies. An investigator with the Tax Intelligence and Investigation Service (FIOD), the Dutch financial crimes agency, during the raid. Image: FIOD. The Dutch daily news outlet de Volkskrant reports that the Dutch financial crime agency FIOD on May 18 arrested a 57-year-old from Amsterdam and a 39-year-old from The Hague, charging them with violating sanctions law by directly or indirectly making economic resources available to EU-sanctioned entities. The Dutch investigation focuses on Stark Industries, a sprawling hosting provider that materialized just two weeks before Russia invaded Ukraine. As detailed in this May 2024 deep-dive , Stark quickly became the source of massive distributed denial-of-service (DDoS) attacks against European targets, and emerged as a top supplier of proxy and anonymity services that showed up time and again in cyberattacks linked to Russia-backed hacking groups. That report identified two Moldovan brothers — Ivan and Yuri Neculiti and their company PQHosting — who were providing one of Stark’s two main conduits to the larger Internet. In May 2025, the EU sanctioned PQHosting and the Neculiti brothers for aiding Russia’s hybrid warfare efforts. But as KrebsOnSecurity observed in September 2025 , those sanctions failed to target Stark’s remaining connection to the Internet — an Internet service provider based in the Netherlands called MIRhosting . MIRhosting is operated by Andrey Nesterenko , a 39-year-old Russian native who runs the business out of the Netherlands. News that PQHosting and the Neculiti brothers were about to be sanctioned by the EU leaked in the media nearly two weeks before the sanctions were announced last year. During that time, the Stark network assets were transferred from PQHosting to a new entity called the[.]hosting , under the control of the Dutch entity WorkTitans BV . And as our September 2025 report showed, WorkTitans was controlled by Nesterenko and a 57-year-old from Amsterdam named Youssef Zinad . On top of that, WorkTitans was getting connectivity to the larger Internet solely through MIRhosting, where Zinad had worked previously. On May 18, Dutch financial crime investigators arrested Nesterenko and Zinad, and searched three businesses in Enschede and Almere and two data centers in Dronten and Schiphol-Rijk. A statement from the Dutch authorities said they also seized laptops, telephones

The FBI is warning about the Kali365 phishing-as-a-service platform (PhaaS) that is used to hijack Microsoft 365 accounts by abusing OAuth device code authentication to steal session tokens and bypass multi-factor authentication (MFA). [...]

Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks. According to QiAnXin XLab, the activity involves the exploitation of CVE-2026-26980 (CVSS score: 9.4), an SQL injection vulnerability in Ghost's Content API that could allow an unauthenticated attacker to read arbitrary data from the

Ask a cybersecurity pro about Network Detection and Response (NDR) and you might still hear "Noisy," "Too much data." But ask the teams running NDR that includes agentic AI capabilities and you'll hear they're actually using it to catch threats earlier, triage faster, and chase fewer false positives. The old complaint lingers in part because reputations are sticky, and because NDR has evolved

Dutch authorities arrested two suspects after dismantling a bulletproof hosting network linked to cybercrime, disinfo, and Russian sanctions evasion.