Malware | Breaking Cybersecurity News | The Hacker News

Microsoft's GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign. The incident impacted 73 Microsoft repositories across four of its GitHub organizations, including Azure, Azure-Samples, Microsoft, and MicrosoftDocs, per OpenSourceMalware . The development has GitHub to disable access to those repositories. "Access to this repository has been disabled by GitHub Staff due to a violation of GitHub's terms of service," reads the message when attempting to access the " Azure/azure-functions-host " repository. "If you are the owner of the repository, you may reach out to GitHub Support for more information." According to OpenSourceMalware, some of the repositories impacted by the incident are listed below - azure-search-openai-demo-purviewdatasecurity Connectors-NET-LSP Connectors-NET-SDK durabletask durabletask-dotnet durabletask-go durabletask-js ...

Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to distribute a Rust-based information stealer and a self-spreading worm, respectively. According to JFrog , the information stealer "scrapes every secret it can find on a developer's machine, hides behind an eBPF kernel rootkit, and answers to its operator over Tor." The stealer also uses the stolen credentials as a propagation mechanism, drawing similarities to the infamous Shai-Hulud worm. The new malware has been codenamed IronWorm by the software supply chain security company. By publishing itself to the npm registry in the form of trojanized packages, the approach results in a self-replicating attack. The malicious activity has been traced back to a compromised npm account named " asteroiddao ," which has been found to publish package versions containing the Rust ELF binary that's exec...

Arabic-speaking users have emerged as the target of a new Android spyware codenamed Asin , according to findings from ESET. The Slovakian cybersecurity company said it first detected the malware spread via multiple campaigns in early 2025, with each attack wave making use of distinct websites mimicking utilities, war-related updates, and a government news source: govlens[.]net, which impersonates a government news source (registered on May 27, 2025) pdf-reader[.]help, which impersonates a secure PDF editor (registered on May 29, 2025) live-war-map[.]com, which claims to offer updates on military incidents (registered on January 20, 2025) Two of these websites - govlens[.]net and live-war-map[.]com - were also marketed via dedicated accounts on social media platforms like Facebook and Telegram - www.facebook[.]com/GovLens t[.]me/liveuamap_ar "Each of these websites distributes a malicious app that combines legitimate functionality with stealthy spyware ca...

Security researchers and the FBI are warning that a wave of FIFA-themed fraud is already hitting World Cup 2026 fans, days before the June 11 kickoff. Recent reports describe thousands of lookalike FIFA domains, banking malware hidden inside pirate streaming apps, and at least one operation that copies FIFA's login page well enough to take over real accounts. It is an obvious target. More than six million fans are expected across 16 cities in the United States, Canada, and Mexico, and FIFA said it received more than 150 million ticket requests in the first 15 days, leaving the tournament around 30 times oversubscribed. Tickets are scarce, fans are anxious, and money is moving fast, which is exactly what fraud needs. One Operator, 300 Cloned FIFA Sites The most detailed findings come from Group-IB , which tracked more than 4,300 fraudulent FIFA domains registered since August 2025. At the center is a group it calls GHOST STADIUM , a Chinese-speaking, money-driven operation...

It got stupid again. The internet still feels held together with tape. Bad plugins, old bugs, fake tools, trusted apps doing shady things. Same mess, new wrapper. And now the weird stuff is normal. Forums go down and come back worse. Cheap hackers get better toys. AI starts breaking real systems. Great. Read the whole thing before it ruins your week anyway.