Threat Intel Feed
·|
Famous Chollima Targets PHP Developers Through Compromised Packagist Package
Socket.devIncident start — not yet confirmed
Published May 31, 2026, 06:41 PM GMT+0First seen May 31, 2026, 09:45 PM GMT+0
Malicious npm Package Stole Files From Claude AI User Directory via GitHub
The Hacker NewsIncident start — not yet confirmed
Published May 27, 2026, 03:44 PM GMT+0First seen May 27, 2026, 04:30 PM GMT+0
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
The Hacker NewsIncident start — not yet confirmed
Published May 23, 2026, 04:07 PM GMT+0First seen May 23, 2026, 05:00 PM GMT+0
AI Has Taken Over Open Source
Socket.devIncident start — not yet confirmed
Published May 22, 2026, 02:22 PM GMT+0First seen May 22, 2026, 03:45 PM GMT+0
Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development
Socket.devIncident start — not yet confirmed
Published May 20, 2026, 03:25 PM GMT+0First seen May 20, 2026, 04:30 PM GMT+0
Socket Raises $60M Series C at a $1B Valuation to Help Enterprises Build Securely With AI
Socket.devIncident start — not yet confirmed
Published May 20, 2026, 02:07 PM GMT+0First seen May 20, 2026, 05:30 PM GMT+0
New Shai-Hulud malware wave compromises 600 npm packages
Bleeping ComputerIncident start — not yet confirmed
Published May 19, 2026, 02:30 PM GMT+0First seen May 19, 2026, 02:30 PM GMT+0
Shai-Hulud: Here We Go Again. Mass npm Supply Chain Attack Hits the AntV Ecosystem
StepSecurityIncident start — not yet confirmed
Published May 19, 2026, 06:26 AM GMT+0First seen May 19, 2026, 06:30 AM GMT+0
Compromised atool npm Account Delivers CI/CD Credential Stealer Across 24 Packages (echarts-for-react package, timeago.js)
StepSecurityIncident start — not yet confirmed
Published May 19, 2026, 04:04 AM GMT+0First seen May 19, 2026, 04:15 AM GMT+0
Active Supply Chain Attack Compromises @antv Packages on npm
Socket.devIncident start — not yet confirmed
Published May 19, 2026, 02:49 AM GMT+0First seen May 19, 2026, 03:15 AM GMT+0
Shai-Hulud Worm Clones Spread After Code Release
Dark ReadingIncident start — not yet confirmed
Published May 18, 2026, 07:53 PM GMT+0First seen May 18, 2026, 08:15 PM GMT+0
Leaked Shai-Hulud malware fuels new npm infostealer campaign
Bleeping ComputerIncident start — not yet confirmed
Published May 18, 2026, 05:28 PM GMT+0First seen May 18, 2026, 05:30 PM GMT+0
First Shai-Hulud Worm Clones Emerge
SecurityWeekIncident start — not yet confirmed
Published May 18, 2026, 09:45 AM GMT+0First seen May 18, 2026, 09:45 AM GMT+0
Exploitation of Critical NGINX Vulnerability Begins
SecurityWeekIncident start — not yet confirmed
Published May 18, 2026, 07:27 AM GMT+0First seen May 18, 2026, 07:30 AM GMT+0
NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE
The Hacker NewsIncident start — not yet confirmed
Published May 17, 2026, 11:57 AM GMT+0First seen May 17, 2026, 03:00 PM GMT+0
PyPI Fixes High-Severity Access Control Issues Found in Security Audit
Socket.devIncident start — not yet confirmed
Published May 1, 2026, 09:05 PM GMT+0First seen May 2, 2026, 04:15 AM GMT+0
Copy.Fail: Universal Linux Local Privilege Escalation Vulnerability
Wiz BlogIncident start — not yet confirmed
Published May 1, 2026, 12:38 PM GMT+0First seen May 1, 2026, 01:00 PM GMT+0
Mini Shai-Hulud Spreads to Packagist: Malicious Intercom PHP Package Follows npm Compromise
Socket.devIncident start — not yet confirmed
Published Apr 30, 2026, 09:31 PM GMT+0First seen Apr 30, 2026, 10:15 PM GMT+0
Intercom’s npm Package Compromised in Ongoing Mini Shai-Hulud Worm Attack
Socket.devIncident start — not yet confirmed
Published Apr 30, 2026, 03:42 PM GMT+0First seen Apr 30, 2026, 05:15 PM GMT+0
lightning PyPI Package Compromised in Supply Chain Attack
Socket.devIncident start — not yet confirmed
Published Apr 30, 2026, 01:36 PM GMT+0First seen Apr 30, 2026, 02:15 PM GMT+0