thearabianpost

Mac malware campaign targets crypto coders

Cryptocurrency developers have become the focus of a new macOS-focused cyber campaign that uses fake recruiter approaches, malicious meeting links and compromised software pipelines to steal digital ...
The Hacker News

LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers

Three LiteLLM flaws let low-privilege users gain admin access and run code, exposing AI keys, secrets, prompts, and responses.
Memeburn

Microsoft's GitHub Repos Were Hacked to Steal AI Developer Passwords

Hackers injected malware into 73 Microsoft GitHub repos on June 5, 2026. The attack targeted AI coding tools like Claude Code and VS Code. Read what happened.
note

The Severity of Supply Chain Attacks Highlighted by 'Miasma', a New Malware Targeting AI Developers

On June 5, 2026, 73 Microsoft GitHub repositories were disabled by GitHub's unauthorized use prevention system. These repositories were compromised by malware that steals credentials when developers ...
GIGAZINE

73 Microsoft GitHub repositories have been disabled after being compromised by malware that stole credentials from AI users.

On June 5, 2026, 73 Microsoft GitHub repositories were disabled by GitHub's anti-fraud system. These repositories were found to be compromised by malware that stole authentication credentials when ...
thearabianpost

Outdated BIG-IP devices expose Linux networks

Hackers are exploiting unsupported F5 BIG-IP appliances to gain SSH access to enterprise Linux systems, turning trusted edge infrastructure into entry points for deeper attacks on identity systems and ...
europesays

Miasma Worm Hits Microsoft Again: Azure Functions Action and 72 Other Repositories Disabled After Supply Chain Attack Targeting AI Coding Agents

On June 5, 2026, the Miasma worm campaign reached Microsoft’s Azure GitHub organizations. GitHub disabled 73 repositories across four Microsoft GitHub organizations after a malicious commit was pushed ...
Bleeping Computer

Microsoft Self-Service Password Reset abused in Azure data theft attacks

A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate applications and administration features. Microsoft tracks the actor as Storm ...
theregister

Shai-Hulud keeps burrowing: 314 npm packages infected after another account compromise

The most popular impacted package is size-sensor, downloaded 4.2 million times per month, followed by echarts-for-react (3.8 million), @antv/scale (2.2 million) and timeago.js (1.15 million). The ...
thecyberexpress

Microsoft Details Storm-2949 Cloud Attack on Azure and Microsoft 365

Microsoft Threat Intelligence has disclosed details of a cyberattack carried out by a threat actor tracked as Storm-2949, which escalated from a targeted identity compromise into a large-scale breach ...
SiliconANGLE

Forcepoint details TeamPCP supply chain attack that turned LiteLLM into a credential stealer

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that compromised LiteLLM, a widely used open-source Python library that serves as ...
Microsoft

How Storm-2949 turned a compromised identity into a cloud-wide breach

Microsoft Threat Intelligence recently uncovered a methodical, sophisticated, and multi-layered attack, where a threat actor we track as Storm-2949 launched a relentless campaign with a singular focus ...