A North Korea-aligned threat group known as ScarCruft has been linked to a multiplatform supply chain … ScarCruft Hack Plants Backdoors in Windows and AndroidRead more
supply chain attack
DigiCert Breach Exposes Stolen Code Signing Certificates
A sophisticated cyberattack targeting DigiCert has exposed a critical weakness in code signing trust chains, where … DigiCert Breach Exposes Stolen Code Signing CertificatesRead more
Fake Notepad++ for Mac Website: A Growing Malware Threat
A seemingly harmless search for a trusted code editor on macOS has turned into a serious … Fake Notepad++ for Mac Website: A Growing Malware ThreatRead more
Worm Alert: SAP npm Packages Weaponized to Steal Cloud and AI Secrets
A sophisticated supply chain attack has targeted the SAP developer ecosystem, hijacking official npm packages to … Worm Alert: SAP npm Packages Weaponized to Steal Cloud and AI SecretsRead more
Malicious “tanstack” Package Hijacks npm to Steal Dev Secrets
On April 29, 2026, a highly targeted supply chain attack hit the JavaScript ecosystem. An attacker … Malicious “tanstack” Package Hijacks npm to Steal Dev SecretsRead more
Critical Warning: Popular “Lightning” AI Framework Hacked in Massive Supply Chain Attack
On April 30, 2026, the Socket Research Team issued an emergency alert: the widely used PyPI … Critical Warning: Popular “Lightning” AI Framework Hacked in Massive Supply Chain AttackRead more
The 5-Year Sleeper: Popular WordPress Plugin “Hacked” Since 2020 to Inject Secret Code
In one of the most patient supply chain attacks in WordPress history, a popular plugin with … The 5-Year Sleeper: Popular WordPress Plugin “Hacked” Since 2020 to Inject Secret CodeRead more
Warning: New AI Malware Is Secretly Stealing Crypto Keys
The integration of AI into the software development lifecycle was supposed to eliminate human error. Instead, … Warning: New AI Malware Is Secretly Stealing Crypto KeysRead more
Warning: AI Coding Tools at Risk—Cursor Vulnerability Exposes All Your Developer Tokens
In the race to build faster with AI, security is often left in the rearview mirror. … Warning: AI Coding Tools at Risk—Cursor Vulnerability Exposes All Your Developer TokensRead more
Warning: This Dangerous New Malware Steals Your Crypto and Files
For years, the cybersecurity landscape was divided: traditional malware (RATs and botnets) targeted system credentials, while … Warning: This Dangerous New Malware Steals Your Crypto and FilesRead more