
300 Fake GitHub Repos Deliver BoryptGrab Chrome Bypass Infostealer
ArcticWolf exposed a campaign using 300 fake GitHub repos to deliver BoryptGrab, an infostealer that bypasses Chrome App-Bound Encryption via

ArcticWolf exposed a campaign using 300 fake GitHub repos to deliver BoryptGrab, an infostealer that bypasses Chrome App-Bound Encryption via

Four official AsyncAPI npm packages were compromised to deliver Miasma, a botnet loader using six C2 channels including Ethereum smart

Group-IB analyzed a new RedHook Android RAT variant that gains shell-level access by turning the device into its own ADB

An attacker compromised jscrambler’s npm credentials and published five malicious versions dropping a Rust infostealer targeting cloud and AI credentials.

Binarly disclosed six flaws in U-Boot’s FIT signature verification subsystem, including two RCEs that bypass Secure Boot across more than

Microsoft silently patched CVE-2026-50656 RoguePlanet via a Defender engine update, ending over three weeks of confirmed active SYSTEM privilege exploitation.

Elastic Security Labs found REF6045 deploying SCMBANKER, an AI-written PowerShell toolkit that lets operators control Mexican banking sessions live and

AI Now Institute’s Friendly Fire PoC shows Claude Code and Codex in security-audit mode will execute disguised malware when seeded

Microsoft disclosed GigaWiper, a Windows backdoor combining a real disk wiper, fake ransomware encryption, and multi-pass file overwriting in a

Symantec identified GodDamn ransomware using a kernel driver named PoisonX via the BYOVD technique to kill security software before file
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.