Malware: CanisterWorm, dbmux, GlassWorm, hackerbot-claw, Hades, IronWorm, JS.Worm.ShaiHulud, kitty-monitor, Megalodon, Miasma, Miasma: The Spreading Blight, Miasma worm, Mini Shai-Hulud, Phoenix Locker, Python.Loader.Shai-Hulud, s1ngularity, SANDWORM_MODE, sha1-hulud, Sha1-Hulud, SHA1-Hulud, Sha1-Hulud: The Second Coming, Shai-Hulud, Shai-Hulud 2.0, Shai-Hulud 3.0, ShaiWorm, Shaulud, TeamPCP cloud stealer, TeamPCPCloudStealer, telemetry.js, The Spreading Blight, Vect, Vect 2.0, WastedLocker CVEs: CVE-2019-5736, CVE-2020-10148, CVE-2022-0492, CVE-2023-29059, CVE-2024-21626, CVE-2024-3094, CVE-2025-10894, CVE-2025-30066, CVE-2025-55182, CVE-2025-59144, CVE-2025-59532, CVE-2025-59536, CVE-2025-6514, CVE-2026-21852, CVE-2026-22708, CVE-2026-33634, CVE-2026-42271, CVE-2026-45321, CVE-2026-45758, CVE-2026-46412, CVE-2026-48027 Technologies: 1Password, 3CX DesktopApp, Aider-AI Aider, Amazon Web Services, Amazon Web Services (AWS), Anthropic Claude, Anysphere Cursor, Apple macOS, Aqua Security Trivy, Arweave, Auto-GPT, Bun, Bundler, Checkmarx, Checkmarx KICS, CircleCI, CrewAI, CrowdStrike, Cursor, Dify, Docker, Git, GitHub, GitHub Actions, GitHub Copilot, GNU Privacy Guard, Google Cloud Platform, Google Gemini, Google Gemini CLI, gopass, HashiCorp Vault, JFrog, Kubernetes, Leo/RStreams, Linux, LiteLLM, Microsoft Azure AI, Microsoft Azure Functions, Microsoft Durable Task, Microsoft Entra ID, Microsoft GraphRAG, Microsoft .NET Framework, Microsoft Visual Studio, Microsoft Windows, Mistral AI, MongoDB Server, Node.js, npm, Nrwl Nx, OpenAI, OpenAI Codex, OpenCode, OpenSSH, Oracle MySQL, pnpm, PostgreSQL, PyPI, Python, Python Package Index, Python PyPI, Red Hat, Red Hat Cloud Services, Replit, RubyGems, SentinelOne, Sigstore, SolarWinds, Sonatype Nexus Repository, SSH, Stanford DSPy, Starlette, StepSecurity, StepSecurity Harden-Runner, TanStack, The Linux Foundation Sigstore, UiPath, Vapi.ai, Vapi SDK, VMware Carbon Black, WeaveDB, Yarn, Zoom Threat Actors: APT38, Bluenoroff, CageyChameleon, CipherForce, CryptoCore, DangerousPassword, DeadCatx3, DragonForce, Elitexp, EvilCorp, GlassWorm, GoldWinter, HasanBroker, IndrikSpider, Lapsus, Lazarus, LazarusGroup, LeeryTurtle, MASAN, Megalodon, Miasma, NICKELGLADSTONE, PCPcat, PersyPCP, PG_MEM, ReplicatingMarauder, ResoluteXBF, Sandworm, SapphireSleet, SHADOW-WATER-058, ShellForce, ShinyHunters, StardustChollima, Ta444, TeamPCP, TGR-CRI-1135, TGRCRI1135, TraderTraitor, UNC1069, UNC4899, UNC6780 Attacker Countries: North Korea, Russia, South Africa Attacker IPs: 103[.]75[.]11[.]59, 142[.]11[.]206[.]73, 154[.]47[.]29[.]12, 160[.]119[.]64[.]3, 170[.]62[.]100[.]245, 209[.]159[.]147[.]239, 83[.]142[.]209[.]0 Attacker Emails: claude@users[.]noreply[.]github[.]com, github-actions@github[.]com Attacker Domains: aab[.]sportsontheweb[.]net, agent[.]stepsecurity[.]io, api[.]anthropic[.]com, api[.]github[.]com, api[.]stepsecurity[.]io, app[.]stepsecurity[.]io, check[.]git-service[.]com, checkmarx[.]zone, github[.]com, git-service[.]com, git-tanstack[.]com, graph[.]microsoft[.]com, help[.]sonatype[.]com, login[.]microsoftonline[.]com, models[.]litellm[.]cloud, nsa[.]cat, oob[.]moika[.]tech, registry[.]npmjs[.]org, scan[.]aquasecurtiy[.]org, sfrclak[.]com, tdtqy-oyaaa-aaaae-af2dq-cai[.]raw[.]icp0[.]io, telemetry[.]api-monitor[.]com, temp[.]sh, t[.]m-kosche[.]com, webhook[.]site Attacker URLs: api[.]anthropic[.]com[:]443/v1/api, api[.]anthropic[.]com/v1/api, check[.]git-service[.]com/rope.pyz, github[.]com/liuende501, github[.]com/oven-sh/bun/releases, github[.]com/oven-sh/bun/releases/download/bun-v1.3.13, github[.]com/oven-sh/bun/releases/download/bun-v1.3.13/bun-*.zip, hxxp[://]169[.]254[.]169[.]254/latest/api/token, hxxp[://]169[.]254[.]169[.]254/metadata/identity/oauth2/token, hxxps[://]api[.]anthropic[.]com[:]443/v1/api, hxxps[://]api[.]github[.]com/graphql, hxxps[://]api[.]github[.]com/repos/liuende501/nemean-hydra-34343/contents/results/results-1780551069887-0.json, hxxps[://]api[.]github[.]com/search/commits?q=IfYouInvalidateThisTokenItWillNukeTheComputerOfTheOwner, hxxps[://]api[.]github[.]com/search/commits?q=thebeautifulmarchoftime, hxxps[://]api[.]github[.]com/user, hxxps[://]api[.]github[.]com/user/repos, hxxps[://]github[.]com/liuende501, hxxps[://]github[.]com/oven-sh/bun/releases/download/bun-v1.3.13/, hxxps[://]github[.]com/oven-sh/bun/releases/download/bun-v1.3.13/bun-linux-x64-baseline.zip, hxxps[://]graph[.]microsoft[.]com/v1.0/me, hxxps[://]login[.]microsoftonline[.]com/, hxxps[://]registry[.]npmjs[.]org/-/npm/v1/oidc/token/exchange/package/, hxxps[://]registry[.]npmjs[.]org/-/v1/search?text=maintainer:{username}, hxxps[://]registry[.]npmjs[.]org/-/whoami, hxxps[://]temp[.]sh, hxxp[:]//169.254.169.254/latest/meta-data/iam/security-credentials/, hxxps[:]//api.anthropic.com/v1/api, hxxps[:]//api.github.com, hxxps[:]//api.github.com/search/commits?q=firedalazer, hxxps[:]//fulcio.sigstore.dev, hxxps[:]//github.com/oven-sh/bun/releases/download/bun-v1.3.13/, hxxps[:]//github.com/oven-sh/bun/releases/download/bun-v1.3.13/bun-{os}-{arch}.zip, hxxps[:]//github.com/oven-sh/bun/releases/download/bun-v1.3.14/, hxxps[:]//login.microsoftonline.com/, hxxps[:]//upload.pypi.org/legacy/, hxxps[:]//webhook.site/bb8ca5f6-4175-45d2-b042-fc9ebb8170b7, registry[.]npmjs[.]org/-/npm/v1/tokens, registry[.]npmjs[.]org/-/whoami, tor[:]//api/agent Attacker Hashes: 026588d39b7c650b5c0dfbba6c6fcc0e7ec8e3b72ba8639012e7f71c708f2c3b, 031ba872d5a84bfb18115f432811e4b45180346a1bae653f7fd85f918e7bb3a3, 080190bffcaafffacca1f0181fc9024aaaa21500ffdc9926fa5b689ba959965d, 09b2301d1589416e0d5fb7a602427a9850dee6713ffa741c0efcfeb1eb4c8952, 0c5077e51419868618aeaa5fe8019c62421857d6, 0c9c67ec40d5f23efa1ec3470d0ac88b4993ccc0e92be913fc29a337dfc4f060, 0d1e742c4f94d592d6b824cf7cb9dfebd8c2a323345080a6524d0352d1cd479c, 0dc06ecdaa63fe24859cfd955053c23245c536e4733480239d14bebf12688e35, 0fe6a098fe698e586188e0f2e851ef43f1a35958, 10c619e75181d07ddcccb5c1f62766c85fef08df, 1259284706ec9ffbcccbede1e8055c1a4fa5fd69885dfb982ccd06df2fb83d0a, 15b415ae41df72acf1f7e9e67569531d41dee62d089d34b4c0fab0c7fe5cc14f, 17c4312b50d69a6f61515edcf71cfaa8271fe2538b942128cfb639d021d042a7, 1a30a9abe20bab121aaa75ed040565af14e6cdfb745609ee0e7b94a2d814fb9c, 1a3b9ed0b377f56f49b9a703612cf45e86ab7d100587e1e7a476d809fe337a8c, 21b6409a7b84446310daca5409ad6112ac60a1e4bef97736e53fff5f63bfdef4, 25e121e3b7d300c0d0075b33e5eca39a3e6a659fb9cfee52b70ef71686628f1b, 288f26c2eadcb1a7923fe376d16f5404216cce15d9fc162a4a78574dc7df399a, 2a446171b4b981d98b5af6c5606bd63b1570040334210b6ab0a10901b2606fe5, 32d1bc728d8e504952083a6adc488c309a401c7df4dc8f47b382ce32e4aebe21, 396cac9e457ec54ff6d3f6311cb5cc1da8054d019ce3ffa1de5741506c7a4ea4, 3da2ca129c9920d9acd2e3477aee8f46b5a5f0e9537ad6e7b6ab1df1007adad1, 3f3f42d072bd36860ab7bd7fb5e10ac0d22c741c13c89505ccd6ec0ea572eea7, 3f8e522595f32277a0013c7ab0df3ecf336460b56e6b4be9130907f419db3b6d, 42e165602967c8e1a6fae0113a5179adbe33e18192244fe34b872db09c85e0e6, 46faab8ab153fae6e80e7cca38eab363075bb524edd79e42269217a083628f09, 4a0aa78757958683155a7b9289427fb829abcad1bf5ee6399eb73e8409b0bc11, 4b2399646573bb737c4969563303d8ee2e9ddbd1b271f1ca9e35ea78062538db, 545a1838c66e1771f58d84a17b3e1841e5eeab91a73f4ccc59c9492450a6d9c0, 57ba86f6f0caaa580c1dccdf4ed7873d1470e5ea2f8e9ca7a989dc04899f13c0, 5926b86b642e00672252953eb30d8f75cfb7797fe3118bd6fa2cfbee92905d61, 5c6cb758a3447bc7e0de34406919a933f9351e90ef04ec43f3bbb401e7004e1b, 5d7c93caf50a447a8d48cafe2e5cff6b47618b13, 5dabf08e2655c012e478074a2cea2b0d34e286c27265a26f3846fc45e5584501, 608d01124cd6b5b8c55888e984b4c4d9b06fa686, 62ee164b9b306250c1172583f138c9614139264f889fa99614903c12755468d0, 633ad8849a59e2bfb7a0fe589e816a07, 6506d31707a39949f89534bf9705bcf889f1ecae3dbc6f4ff88d67a8be3d01b2, 675294612f455fe6a9acb195f0cbe3687d8e2e34, 6cb3fc3650355973b8a1ed86619a3f412fb0700f29c1c3a736cada4c2c76a9f7, 6d332f814f15f19758d65026bbfd0a8c49671b319ec77b8fa1b27fc48afff7d9, 7557c4e782a0622159476d1ea10d5236, 7569d69cf3684a792ce63d19b6e0d9d192597963, 7b19ffc2f2bfff75989255e5e807d0f62513153de287eba9cc17003c1dcae8a8, 7cbace2a186cab2c652305b6e33c8eeb10d4a0ec3a0c8b795de012094fa0d845, 82d83274680df928fdda296a348e01802f595e412308c399565c320df444052a, 85b1ed56530bb64d925af4ca50faacd89efb1b63d615238a34adbea9f00e4754, 88896d478986d453f5da79b311de39d9b4b1bea95c21af1d8ef181b0f4e52fe9, 88d098c8d96e9ae17550e9798c3b62c420464b8c, 89f97557200bd26cc8941c9abaadac2d798a89562401016fbb2c757e3092dfdc, 8bf051251ec3b973e39a313547e53421a2f8d2f6, 8d2a09b3727b50f3d035b58bd35b90b504d24dda73a8a24e926a010a58ba5f74, 927387d0cfac1118df4b383decc2ea6ba49c9d2f98b47098bcbcba1efc026e1f, 94e8488fd033728eee6666550d5a94b0cc1f7b231d4d85d0affecb0615116722, 9566275be80af10b8c6be1d47bfcfdbe5590f472b1a9abd85bad24e0a9a7a891, 9b99482b75ee89f0d916f2743deeff381ea727e69c71491822477e67891841ad, 9c0425aa6e6d7792ac38d24f3e7245f42fcaa553ddfeb6bd97677017f10c3b75, 9e6c5af01438b52c9a411686c1f1b8ff, a150985aac1847e4a2e198f7ecccbbbc9443840699efd5a7654a006d61e1288e, a3894003ad1d293ba96d77881ccd2071446dc3f65f434669b49b3da92421901a, a8f0c75a77698759413dbadcb99b62709816ed42, a934a5bcf692b9d01e8129bf264be23809dfee464df471d75a9f3fa1bcede343, aab0659e13fa2a8e482139b97ae523aacec91a42b5f125a7b0952bf57c3ac864, aaf00d06baa3c679b82452c50014e9824b8874e9ca2d150f19095f8de19ba90f, ab9903d9edc720d1e11ea7d3d3e7a1c456f44ff7, ac2a2208e1726e008be6c73dc0872d9bba163319259dff1b62055ac933ca46b6, b19c2fd48535c8c40aeb3e627ce92775f33ef9292611767bb1236c238e6f90cc, b390d9f708760b799ee5482e8050ce093219140627fcaec6df8812ac9abb9a9b, b3e217f4354e8a4383038b99b0bcaeaff191a79df58e7a1f2355a79aac2faf13, b74caeaa75e077c99f7d44f46daaf9796a3be43ecf24f2a1fd381844669da777, b86c5ae9e95bd841a595440faa3eb6317441e746f241ae8fd641ab59ed1d1966, bbbca2ddaa5d8feaa63e36b76fdaad77386f024f, bd8035203536735490e4bd5cdcede581a9d3a3f7a5df7725859844d8dcc8eb49, bdcdae644bdf6285d01a986e1b8feb7ec4060e2c7d5f5e2609c16718922b7944, c178cafa2b3bcbefbbc283b5ab8fc6143e46650631f72451a44327f146a609c3, c2a60face766f69f82c972375f35f8ebaa45d6c464176974e631d9a78d6bea0a, c539766062555d47716f8432e73adbe3a0c0c954a0b6c4005017a668975e275c, c5443b06aeb12dbf16046f9a8c9446d30e22655110e1e06919406d6f01a14ac5, c611e49ea46c91013448942c26049741b434cb5dac55fff7c376ca6a4f28580e, c95506221d18936328fbc7ddcd21e3dd, c96f37e1b9cdc9683a300909492ed9f770b620d0037e5b80e23753cba7ca4077, cbb9bc5a8496243e02f3cc080efbe3e4a1430ba0671f2e43a202bf45b05479cd, ceff7c51d70832c3ec8dd2744b606a23b3c924ef664ae23439b9b742ea154108, cffc487ee978f7bc06e3856b286940940658884847d38b619a137b8272a75980, d1999fd543085918dd542322c6455abde3c57a93b8f7ce871b8809c8bb744af7, d543bb3cdf1569c2b3d38c8a4081ed746cfe78bf3236c2302704d79ab7fa9558, d590bd375d95e4ac072b7ebc1fc4489bcaf5f20a939e92486267aa398bcf1e5d, d5a97614d5319ce9c8e01fa0b4eb06fb5b9e54fa13b23d718174a1546444123b, d8d170af3de17bb9b217c52aaaffdf9395f35ef015a57ef676e406c121e5e223, da39146ef451d1b174a24d00b1e2a45cd38d54e849737f8f35333dcb22175707, dc48b09b2a5954f7ff79ab8a2fd80202bd3b59c08c7cdbc6025aa923cb4c0efe, dc67467a39b70d1cd4c1f7f7a459b35058163592f4a9e8fb4dffcbba98ef210c, de0fac2e4500dabe0009e67214ff5f5447ce83dd, df1732f5bfec12e066be44dee02ec8a243e4868d38672c1b1d065359dd735a14, df9ea0c71574e11c93141ad2f018a63a5375cd6d69ca2f744732ad7814170657, e1342a80d4b5e83d2c7c22e1e0aaa95f2d88e3dbf0d853a4994b180c93a4b17d, e3dbe63aded45278f49c4746ab938ed9472b36def79b43e2dd2d7eff014481d1, e5f73c888f1250a8895680801975cf177e8c690defd4a999e56f6c08ff64deb8, edd86c0efd776a6bd934fc7b0d4d6da2b256e147cfa83bb0c2814e81d849c427, ef641e956f91d501b748085996303c96a64d67f63bfeef0dda175e5aa19cca90, f0641e053e81f0d01fa46db35a83e0a34494886503086866d956d14e81fd3e1c, f099c5d9ec417d4445a0328ac0ada9cde79fc37410914103ae9c609cbc0ee068, f1ffdbf5e639899f26a6ebab2eec408d, f3c5c21274045ae02fef11e931de6dcf8462a067, f565988f281bf77bcad26ea7f543617e53da4b62f5df63d4f7a89bae1729cf81, f7c47be306351ffacd46584d2067f7be676dbfe17cd89ab4880632decfe18f3d, f88258e21592084a2f93a572ade8f9b91c0cd0e242f5cf6121ed7bad0f7bdd1f, f961d6897c0ec586cde633e100865b5b1d435cc7c301dbf0f41298ca5b42e17a, fb174de58e6825fed16de26d74ffbcacd74d371951e3064db51cfd700146d86f, fb5c97557230a27460fdab01fafcfabeaa49590bafd5b6ef30501aa9e0a51142, fd64413119575fa119eaa9f94d32208c7d916796 Victim Industries: Academia, Artificial Intelligence, Biotechnology, Blockchain, Cloud Infrastructure, Cryptocurrency, Education, Financial, Financials, Financial Services, Government, Healthcare, Information Security, Information Technology, Life Sciences, Manufacturing, Pharmaceuticals, Professional Services, Public Sector, Scientific Research, Software, Technology Hardware, Telecommunications Victim Countries: Austria, Belgium, Bulgaria, Canada, China, Croatia, Cyprus, Czech Republic, Denmark, Estonia, European Union, Finland, France, Germany, Greece, Hungary, Iran, Ireland, Israel, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, United Kingdom, United States

By admin

Leave a Reply