Hijacked npm and Go Packages Deploy Python Infostealer via VS Code Tasks29. June 2026CybersecurityHijackers use VS Code Tasks instead of npm lifecycle scripts to deploy a Python infostealer and bypass npm v12 security hardening. Share on:
35 Percent of Infostealer Infections Originate from Browser Temp Folders17. June 2026Cybersecurity35 percent of infostealer infections are triggered by downloads from browser temp folders because users execute downloaded files without verification. Share on:
Supply Chain Attack on Arch Linux: 400+ AUR Packages Compromised with Infostealer12. June 2026CybersecurityOver 400 Arch Linux AUR packages were compromised with infostealer malware, posing a data exfiltration risk to all systems that installed these packages on or after June 11, 2026. Share on:
Over 400 AUR Packages Compromised: Credential Stealer and eBPF Rootkit12. June 2026CybersecurityOver 400 compromised AUR packages distribute a Rust-based infostealer with eBPF rootkit backup for kernel-level persistence. Share on:
Microsoft Notifies Customers About Downloads of Infected GitHub Packages9. June 2026Claude Code, CybersecurityMicrosoft tools in GitHub repositories were infected with an infostealer that exfiltrated AI tokens, and affected customers have been notified. Share on: