The post Attackers replaced JDownloader installer downloads with malware appeared first on . If you downloaded the JDownloader installer during the compromise window ( ...

Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.

The repository reached the #1 trending position on Hugging Face within 18 hours, highlighting how public AI repositories are ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

In early May, the JDownloader website delivered malware. This is reminiscent of Daemon Tools, which have since reacted.

Between May 6 and 7, it was dangerous to install JDownloader from alternative links on the site.

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...

The attacks compromise aerospace and drone firms' systems to exfiltrate GIS files, terrain models, and GPS data to gain a clear picture of analysts' intel.

What happened?: Attackers exploited a CMS flaw to replace JDownloader’s Windows and Linux installers with malware between May 6–7, 2026. What was affected?: Only Windows and Linux shell installers ...

KongTuke has been regarded as the original access broker and has switched to Microsoft Teams for social engineering attacks, ...

A fake repository mimicking OpenAI’s Privacy Filter on Hugging Face accumulated ~244,000 downloads before being removed. It delivered a multi-stage Rust infostealer ...

Microsoft Threat Intelligence said attackers placed malicious code inside a Mistral AI download distributed through a Python ...