appsecThreats

Threat Intel Feed

·|
Famous Chollima Targets PHP Developers Through Compromised Packagist Package
Incident start — not yet confirmed
Published May 31, 2026, 06:41 PM GMT+0First seen May 31, 2026, 09:45 PM GMT+0
Socket.dev
Malicious npm Package Stole Files From Claude AI User Directory via GitHub
Incident start — not yet confirmed
Published May 27, 2026, 03:44 PM GMT+0First seen May 27, 2026, 04:30 PM GMT+0
The Hacker News
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
Incident start — not yet confirmed
Published May 23, 2026, 04:07 PM GMT+0First seen May 23, 2026, 05:00 PM GMT+0
The Hacker News
AI Has Taken Over Open Source
Incident start — not yet confirmed
Published May 22, 2026, 02:22 PM GMT+0First seen May 22, 2026, 03:45 PM GMT+0
Socket.dev
Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development
Incident start — not yet confirmed
Published May 20, 2026, 03:25 PM GMT+0First seen May 20, 2026, 04:30 PM GMT+0
Socket.dev
Socket Raises $60M Series C at a $1B Valuation to Help Enterprises Build Securely With AI
Incident start — not yet confirmed
Published May 20, 2026, 02:07 PM GMT+0First seen May 20, 2026, 05:30 PM GMT+0
Socket.dev
New Shai-Hulud malware wave compromises 600 npm packages
Incident start — not yet confirmed
Published May 19, 2026, 02:30 PM GMT+0First seen May 19, 2026, 02:30 PM GMT+0
Bleeping Computer
Shai-Hulud: Here We Go Again. Mass npm Supply Chain Attack Hits the AntV Ecosystem
Incident start — not yet confirmed
Published May 19, 2026, 06:26 AM GMT+0First seen May 19, 2026, 06:30 AM GMT+0
StepSecurity
Compromised atool npm Account Delivers CI/CD Credential Stealer Across 24 Packages (echarts-for-react package, timeago.js)
Incident start — not yet confirmed
Published May 19, 2026, 04:04 AM GMT+0First seen May 19, 2026, 04:15 AM GMT+0
StepSecurity
Active Supply Chain Attack Compromises @antv Packages on npm
Incident start — not yet confirmed
Published May 19, 2026, 02:49 AM GMT+0First seen May 19, 2026, 03:15 AM GMT+0
Socket.dev
Shai-Hulud Worm Clones Spread After Code Release
Incident start — not yet confirmed
Published May 18, 2026, 07:53 PM GMT+0First seen May 18, 2026, 08:15 PM GMT+0
Dark Reading
Leaked Shai-Hulud malware fuels new npm infostealer campaign
Incident start — not yet confirmed
Published May 18, 2026, 05:28 PM GMT+0First seen May 18, 2026, 05:30 PM GMT+0
Bleeping Computer
First Shai-Hulud Worm Clones Emerge
Incident start — not yet confirmed
Published May 18, 2026, 09:45 AM GMT+0First seen May 18, 2026, 09:45 AM GMT+0
SecurityWeek
Exploitation of Critical NGINX Vulnerability Begins
Incident start — not yet confirmed
Published May 18, 2026, 07:27 AM GMT+0First seen May 18, 2026, 07:30 AM GMT+0
SecurityWeek
NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE
Incident start — not yet confirmed
Published May 17, 2026, 11:57 AM GMT+0First seen May 17, 2026, 03:00 PM GMT+0
The Hacker News
PyPI Fixes High-Severity Access Control Issues Found in Security Audit
Incident start — not yet confirmed
Published May 1, 2026, 09:05 PM GMT+0First seen May 2, 2026, 04:15 AM GMT+0
Socket.dev
Copy.Fail: Universal Linux Local Privilege Escalation Vulnerability
Incident start — not yet confirmed
Published May 1, 2026, 12:38 PM GMT+0First seen May 1, 2026, 01:00 PM GMT+0
Wiz Blog
Mini Shai-Hulud Spreads to Packagist: Malicious Intercom PHP Package Follows npm Compromise
Incident start — not yet confirmed
Published Apr 30, 2026, 09:31 PM GMT+0First seen Apr 30, 2026, 10:15 PM GMT+0
Socket.dev
Intercom’s npm Package Compromised in Ongoing Mini Shai-Hulud Worm Attack
Incident start — not yet confirmed
Published Apr 30, 2026, 03:42 PM GMT+0First seen Apr 30, 2026, 05:15 PM GMT+0
Socket.dev
lightning PyPI Package Compromised in Supply Chain Attack
Incident start — not yet confirmed
Published Apr 30, 2026, 01:36 PM GMT+0First seen Apr 30, 2026, 02:15 PM GMT+0
Socket.dev