Malicious – NuclearCoffee

Hacker news

INTERPOL Dismantles 45,000 Malicious IPs, Arrests 94 in Global Cybercrime

On Mar 13, 2026 3:53 pm, by NuclearCoffee

Ravie LakshmananMar 13, 2026Ransomware / Cybercrime INTERPOL on Friday announced the takedown of 45,000 malicious IP addresses and servers used in connection with phishing, malware, and ransomware campaigns,… Continue reading

Hacker news

Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets

On Mar 11, 2026 6:18 am, by NuclearCoffee

Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors. The Rust packages, published to crates.io,… Continue reading

Hacker news

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

On Mar 09, 2026 7:42 pm, by NuclearCoffee

Cybersecurity researchers have discovered a malicious npm package that masquerades as an OpenClaw installer to deploy a remote access trojan (RAT) and steal sensitive data from compromised hosts…. Continue reading

Hacker news

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

On Mar 09, 2026 11:33 am, by NuclearCoffee

Two Google Chrome extensions have turned malicious after what appears to be a case of ownership transfer, offering attackers a way to push malware to downstream customers, inject… Continue reading

Hacker news

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel

On Mar 02, 2026 6:36 pm, by NuclearCoffee

Ravie LakshmananMar 02, 2026Vulnerability / Artificial Intelligence Cybersecurity researchers have disclosed details of a now-patched security flaw in Google Chrome that could have permitted attackers to escalate privileges… Continue reading

Hacker news

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket

On Feb 28, 2026 7:43 pm, by NuclearCoffee

OpenClaw has fixed a high-severity security issue that, if successfully exploited, could have allowed a malicious website to connect to a locally running artificial intelligence (AI) agent and… Continue reading

Hacker news

Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor

On Feb 27, 2026 5:27 pm, by NuclearCoffee

Ravie LakshmananFeb 27, 2026Malware / Linux Security Cybersecurity researchers have disclosed details of a malicious Go module that’s designed to harvest passwords, create persistent access via SSH, and… Continue reading

Hacker news

Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens

On Feb 26, 2026 11:11 pm, by NuclearCoffee

Ravie LakshmananFeb 26, 2026Malware / Software Security Cybersecurity researchers have disclosed details of a new malicious package discovered on the NuGet Gallery, impersonating a library from financial services… Continue reading

Hacker news

Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware

On Feb 25, 2026 2:35 pm, by NuclearCoffee

Ravie LakshmananFeb 25, 2026Cybersecurity / Malware Cybersecurity researchers have discovered four malicious NuGet packages that are designed to target ASP.NET web application developers to steal sensitive data. The… Continue reading

Hacker news

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

On Feb 23, 2026 11:43 am, by NuclearCoffee

Cybersecurity researchers have disclosed what they say is an active “Shai-Hulud-like” supply chain worm campaign that has leveraged a cluster of at least 19 malicious npm packages to… Continue reading

Tag: Malicious

Stay Connected