Search

bleepingcomputer.com › news › security

Laravel Lang packages hijacked to deploy credential-stealing malware

… All four repositories share the same fake author identity, the same modified files, and the same payload behavior, which makes them almost certainly the work of one actor using one compromised credential with org wide push access." This allowed the attackers to publish what appeared to be legitimat… …

May 23, 2026 · Lawrence Abrams

bleepingcomputer.com › news › security

SHub macOS infostealer variant spoofs Apple security updates

… When wallet applications are present, hijacks them by terminating their processes and replacing the legitimate core application file with a malicious one called app.asar downloaded from the command-and-control C2 server. …

May 18, 2026 · Bill Toulas

bleepingcomputer.com › news › security

Shai Hulud attack ships signed malicious TanStack, Mistral npm packages

… The behavior resembles the CanisterWorm campaign that TeamPCP deployed in March and targeted Kubernetes platforms. …

May 12, 2026 · Bill Toulas