CISA, NSA, and the Canadian Centre for Cyber Security released a joint Malware Analysis Report on December 4, 2025, warning of BRICKSTORM, a sophisticated Go-based ELF backdoor used by PRC state-sponsored actors for long-term persistence on VMware vSphere systems, such as vCenter and ESXi,...
KawaiiGPT is an open‑source “kawaii” command‑line chatbot that aims to offer WormGPT‑style, unrestricted AI assistance for free by chaining together multiple large language models, including DeepSeek, Google’s Gemini, and Moonshot’s Kimi‑K2.
It lowers the barrier for experimentation with jailbroken models, but also raises serious...
GitLab's Vulnerability Research team has uncovered an active, large-scale supply chain attack spreading destructive malware through the npm ecosystem using an evolved variant of the Shai-Hulud malware.
The campaign represents a significant escalation in supply chain threats, featuring a particularly dangerous mechanism: a "dead...
Cobalt Strike 4.12 launched on November 24, 2025, bringing major updates for red team operators, including a refreshed graphical user interface, beta REST API, and User Defined Command and Control (UDC2) for custom C2 channels.
The release adds evasion-focused process injection techniques, fresh UAC...
Developers woke to alarms on November 24, 2025, as Shai-Hulud malware resurfaced in a bolder attack.
This "Second Coming" affected over 800 npm packages from firms such as Zapier, ENS Domains, AsyncAPI, PostHog, and Postman.
It exposed secrets from 25,000+ GitHub repositories, timed to...
Cyber attackers compromised Zapier's NPM account in late November 2025, infecting multiple packages as part of the Shai-Hulud 2.0 malware campaign, dubbed "The Second Coming" by the threat actors.
This self-replicating worm spread rapidly across the NPM ecosystem, targeting developer machines and CI/CD pipelines...