Shai-hulud is a malware family tracked across 34 threat clusters and 84 intelligence report mentions on ThreatCluster. First observed November 13, 2025; most recent activity July 16, 2026.
A series of critical vulnerabilities have emerged, including CVE-2026-20182, which allows unauthenticated attackers to gain admin access to Cisco Catalyst SD-WAN Controllers. ShinyHunters defaced the Canvas LMS login…
Checkmarx reported a malicious version of its Jenkins AST plugin was uploaded to the Jenkins Marketplace on May 9, 2026. This backdoored plugin, which affects security scans in Jenkins CI pipelines, poses a significant…
On May 19, 2026, Microsoft disrupted Fox Tempest, a malware-signing-as-a-service (MSaaS) operation that provided over 1,000 fraudulent code-signing certificates to cybercriminals, enabling them to disguise malware as…
The 2026 Verizon Data Breach Investigations Report (DBIR) reveals that vulnerability exploitation has overtaken stolen credentials as the primary entry point for data breaches, accounting for 31% of incidents. This…
On May 18, 2026, an automated cyber campaign named Megalodon pushed 5,718 malicious commits to 5,561 GitHub repositories within six hours. The attackers used forged identities and dummy accounts to inject malicious…
A new supply chain attack, dubbed 'Mini Shai-Hulud', has compromised multiple npm packages related to SAP's Cloud Application Programming Model (CAP). This attack involves injecting malicious preinstall scripts into…
On May 20, 2026, GitHub confirmed a significant security breach involving a poisoned Visual Studio Code (VS Code) extension that compromised an employee's device. The attack, attributed to the TeamPCP hacking group,…
RubyGems has introduced dependency cooldowns in Bundler to mitigate supply chain attacks that exploit newly published packages. This feature delays the installation of packages until they have been available for a…
Suno, an AI music generation startup, was hacked, revealing unauthorized scraping of music data from platforms like YouTube Music, Deezer, and Genius. The breach occurred through a supply chain attack that compromised…
Recent incidents highlight a significant threat to Kubernetes clusters, where attackers exploited leaked AWS IAM credentials from developer workstations. This allowed them to deploy poisoned Docker images, facilitating…