On April 30, 2026, the Socket Research Team issued an emergency alert: the widely used PyPI … Critical Warning: Popular “Lightning” AI Framework Hacked in Massive Supply Chain AttackRead more
malware
The 5-Year Sleeper: Popular WordPress Plugin “Hacked” Since 2020 to Inject Secret Code
In one of the most patient supply chain attacks in WordPress history, a popular plugin with … The 5-Year Sleeper: Popular WordPress Plugin “Hacked” Since 2020 to Inject Secret CodeRead more
Warning: “KarstoRAT” Malware Targets Gamers to Hijack Webcams and Microphones
A sophisticated new Remote Access Trojan (RAT) named KarstoRAT has surfaced in early 2026, marking a … Warning: “KarstoRAT” Malware Targets Gamers to Hijack Webcams and MicrophonesRead more
How Silver Fox Uses Fake Tax Audits to Blind Your Security
A sophisticated and aggressive threat actor, tracked as Silver Fox, has launched a massive new wave … How Silver Fox Uses Fake Tax Audits to Blind Your SecurityRead more
Supply Chain Alert: 1M Monthly Downloads Hacked in ‘Elementary-Data’ Poisoning
In a sophisticated display of software supply chain interference, the widely used data observability tool elementary-data … Supply Chain Alert: 1M Monthly Downloads Hacked in ‘Elementary-Data’ PoisoningRead more
Pharma Under Fire: Kimsuky’s Weaponized “ERP” Malware Targets Drug Researchers
In the high-stakes world of pharmaceutical research, intellectual property is the ultimate currency. In April 2026, … Pharma Under Fire: Kimsuky’s Weaponized “ERP” Malware Targets Drug ResearchersRead more
Precision Sabotage: The ‘fast16’ Malware Targeting Ultra-High-Value Assets
In the world of cyber espionage and digital warfare, there is a clear distinction between “noise” … Precision Sabotage: The ‘fast16’ Malware Targeting Ultra-High-Value AssetsRead more
GlassWorm’s Stealth Move: 73 New Open VSX Sleeper Extensions Revealed
Software developers are the high-value targets of 2026. In a sophisticated escalation of supply chain warfare, … GlassWorm’s Stealth Move: 73 New Open VSX Sleeper Extensions RevealedRead more
The Supply Chain Nightmare: Checkmarx Compromised Again by TeamPCP
In the world of cybersecurity, lightning rarely strikes the same place twice—unless you are a high-value … The Supply Chain Nightmare: Checkmarx Compromised Again by TeamPCPRead more
Bitwarden CLI Supply Chain Attack Exposes CI/CD Secrets
A critical supply chain attack targeting Bitwarden CLI has raised serious concerns across DevSecOps environments and … Bitwarden CLI Supply Chain Attack Exposes CI/CD SecretsRead more