Mastra AI npm Supply Chain Attack Hits 1.1M Weekly Downloads
June 17, 2026
Attackers hijacked a dormant npm contributor account and backdoored 144 Mastra AI packages, exposing 1.1 million weekly downloads to a
News
Mastra AI npm Supply Chain Attack Hits 1.1M Weekly Downloads
Attackers hijacked a dormant npm contributor account and backdoored 144 Mastra AI packages, exposing 1.1 million weekly downloads to a RAT dropper payload.
15 JetBrains Plugins Steal AI API Keys in Eight-Month Campaign
Fifteen malicious JetBrains Marketplace plugins stole OpenAI, DeepSeek, and SiliconFlow API keys from 70,000 IDE users across an eight-month campaign.
ShinyHunters Claims 2.2 Million Kodak Records, Sets Leak Deadline
ShinyHunters claimed 2.2 million stolen Kodak records and set a publication deadline; Kodak confirmed a breach and engaged external cybersecurity experts.
CISA Adds Joomla JCE CVE-2026-48907 to KEV Amid Active Scans
CISA added CVE-2026-48907 to its KEV catalog as automated exploit campaigns target the unauthenticated file upload flaw in the Joomla Content Editor plugin.
DragonForce’s Backdoor.Turn Routes C2 via Microsoft Teams TURN
Symantec found that DragonForce ransomware deployed Backdoor.Turn, a Go implant that hides C2 traffic inside Microsoft Teams TURN relay infrastructure.
iRhythm Confirms PHI Exfiltration via Social Engineering
iRhythm Technologies confirmed in an SEC 8-K that social engineering gave hackers access to patient cardiac monitoring data, which they then exfiltrated.
Rokarolla Android Trojan Hits 217 Banking and Crypto Apps
Zimperium disclosed Rokarolla, an Android trojan with a 137-command C2 framework that targets 217 banking and cryptocurrency apps via dynamic overlay attacks.
Steam Workshop Wallpaper Packages Drop DarkKomet and Lumma
Kaspersky found malicious Wallpaper Engine packages on Steam Workshop delivering DarkKomet, Lumma, Vidar, and ransomware loaders to gamers who installed them.
GhostTree NTFS Junctions Paralyze Windows Defender Scans
Varonis disclosed GhostTree, an NTFS junction technique that uses recursive loops to block Windows Defender scans, requiring only standard user permissions.
CVE-2026-2473: Vertex AI SDK Pickle Attack Enables Cross-Tenant RCE
Unit 42 found CVE-2026-2473 in the Vertex AI SDK lets attackers execute code in a victim's GCP tenant by squatting predictable bucket names and using ...
15 JetBrains Plugins Steal AI API Keys in Eight-Month Campaign
June 17, 2026
Fifteen malicious JetBrains Marketplace plugins stole OpenAI, DeepSeek, and SiliconFlow API keys from 70,000 IDE users across an eight-month campaign.
ShinyHunters Claims 2.2 Million Kodak Records, Sets Leak Deadline
June 17, 2026
ShinyHunters claimed 2.2 million stolen Kodak records and set a publication deadline; Kodak confirmed a breach and engaged external cybersecurity
CISA Adds Joomla JCE CVE-2026-48907 to KEV Amid Active Scans
June 17, 2026
CISA added CVE-2026-48907 to its KEV catalog as automated exploit campaigns target the unauthenticated file upload flaw in the Joomla
DragonForce’s Backdoor.Turn Routes C2 via Microsoft Teams TURN
June 17, 2026
Symantec found that DragonForce ransomware deployed Backdoor.Turn, a Go implant that hides C2 traffic inside Microsoft Teams TURN relay infrastructure.
iRhythm Confirms PHI Exfiltration via Social Engineering
June 17, 2026
iRhythm Technologies confirmed in an SEC 8-K that social engineering gave hackers access to patient cardiac monitoring data, which they
Rokarolla Android Trojan Hits 217 Banking and Crypto Apps
June 17, 2026
Zimperium disclosed Rokarolla, an Android trojan with a 137-command C2 framework that targets 217 banking and cryptocurrency apps via dynamic
Steam Workshop Wallpaper Packages Drop DarkKomet and Lumma
June 17, 2026
Kaspersky found malicious Wallpaper Engine packages on Steam Workshop delivering DarkKomet, Lumma, Vidar, and ransomware loaders to gamers who installed
GhostTree NTFS Junctions Paralyze Windows Defender Scans
June 17, 2026
Varonis disclosed GhostTree, an NTFS junction technique that uses recursive loops to block Windows Defender scans, requiring only standard user
CVE-2026-2473: Vertex AI SDK Pickle Attack Enables Cross-Tenant RCE
June 17, 2026
Unit 42 found CVE-2026-2473 in the Vertex AI SDK lets attackers execute code in a victim’s GCP tenant by squatting
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.