Skip to content
Seven Malicious Vite npm Packages Use Blockchain C2 to Deliver a RAT

Seven Malicious Vite npm Packages Use Blockchain C2 to Deliver a RAT

Cybersecurity researchers have discovered a cluster of seven malicious npm packages targeting the Vite frontend tooling ecosystem as part of a software supply chain attack. The malicious package campaign, codenamed ViteVenom by Checkmarx, marks an expansion of ChainVeil, which was observed using an “unprecedented” four-tier blockchain-based command-and-control (C2) infrastructure spanningRead More »Seven Malicious Vite npm Packages Use Blockchain C2 to Deliver a RAT

New NadMesh Botnet Hunts Exposed AI Services for Cloud Keys and Kubernetes Tokens

New NadMesh Botnet Hunts Exposed AI Services for Cloud Keys and Kubernetes Tokens

A Go botnet called NadMesh turned up in early July hunting exposed AI services, and the operator’s own dashboard claims 3,811 unique AWS keys. A Shodan harvester keeps the scan queue stocked with ComfyUI, Ollama, n8n, Open WebUI, Langflow, and Gradio: the image generators, local model runners, and workflow buildersRead More »New NadMesh Botnet Hunts Exposed AI Services for Cloud Keys and Kubernetes Tokens

GoldenEyeDog Subgroup Linked to DigiCert Breach and Code-Signing Certificate Theft

GoldenEyeDog Subgroup Linked to DigiCert Breach and Code-Signing Certificate Theft

Cybersecurity researchers have attributed the April 2026 DigiCert security incident to a threat activity cluster dubbed CylindricalCanine. Expel, which shared technical details of the event, described the threat actor as a sub-group of GoldenEyeDog (aka APT-Q-27, Dragon Breath, and Miuuti Group), a Chinese cybercrime group known for its targeting ofRead More »GoldenEyeDog Subgroup Linked to DigiCert Breach and Code-Signing Certificate Theft

Fake Coding Tests Deliver OtterCookie-Aligned Malware Hidden in SVG Flag Images

Fake Coding Tests Deliver OtterCookie-Aligned Malware Hidden in SVG Flag Images

North Korean threat actors linked to the Contagious Interview campaign have been observed employing steganography in SVG image files to conceal malicious payloads as part of a campaign using fake job postings and coding challenges. “Any user who ran the project ended up with a four-stage payload aligned with OTTERCOOKIE:Read More »Fake Coding Tests Deliver OtterCookie-Aligned Malware Hidden in SVG Flag Images

Copyright © 2026 infosecintel.net