The ‘Miasma’ worm source code briefly leaked on GitHub

The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain ...
Decrypt

Solana Exchange Raydium Hit With $1.34 Million Exploit as DeFi Attacks Grow

Solana-based decentralized exchange Raydium will repay the funds swiped in the $1.34 million exploit using its treasury.
SecurityWeek

Claude Mythos Turns N-Days Into N-Hours With Rapid Exploit Creation

Claude Mythos Preview autonomously built 16 working exploits targeting Firefox and Windows vulnerabilities within hours.
SecurityWeek

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...
InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
Dark Reading

'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud

Threat actors have struck the software supply chain yet again, this time hitting the Python Package Index (PyPI) with Mini Shai-Hulud in an attempt to spread poisoned code. In the latest campaign, ...