Microsoft Threat Intelligence said attackers placed malicious code inside a Mistral AI download distributed through a Python ...
Microsoft flagged a Mistral AI hack as a supply-chain attack that hid malware in a fake AI library on PyPI. Here's what ...
The post Attackers replaced JDownloader installer downloads with malware appeared first on . If you downloaded the JDownloader installer during the compromise window ( ...
CRPx0 is a complex, stealthy malware campaign that targets macOS and Windows systems, and appears to have Linux capabilities ...
TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...
Mini Shai-Hulud hit 2 OpenAI devices via TanStack, exposing limited credentials and forcing macOS certificate updates by June ...
TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...
Security researchers have uncovered covert infostealer malware hidden in one of the top-ranking repositories on Hugging Face, ...
Cryptopolitan on MSN
Mistral AI and TanStack hit in supply chain attack with SLSA-attested malware
Attackers compromised the official Mistral AI Python package on PyPI along with hundreds of other widely-used developer packages, exposing GitHub tokens, cloud credentials, and password vaults across ...
I compared how Gemini, ChatGPT, and Claude can analyze videos - this model wins ...
What happened?: Attackers exploited a CMS flaw to replace JDownloader’s Windows and Linux installers with malware between May 6–7, 2026. What was affected?: Only Windows and Linux shell installers ...
An attacker poisoned 84 TanStack npm versions across 42 packages, stealing GitHub OIDC tokens and cloud keys while planting a ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results