New Torg Grabber infostealer malware targets 728 crypto wallets

A new info-stealing malware called Torg Grabber is stealing sensitive data from 850 browser extensions, more than 700 of them ...
WinBuzzer

DarkSword iOS Exploit Leaks on GitHub, Threatens Millions

A government-grade iOS exploit kit called DarkSword has been leaked on GitHub, putting hundreds of millions of iPhones ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...
The Hacker News

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

FAUX#ELEVATE phishing deploys stealers and miners via fake resumes, targeting enterprise systems, enabling rapid credential ...
Dark Reading

GitHub 'OpenClaw Deployer' Repo Delivers Trojan Instead

An AI-assisted campaign is spreading more than 300 poisoned packages for diverse assets ranging from developer tools to game ...
The Hacker News

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor ...