QNAP Malware Remover code injection (fixed 6.6.8.20251023) — AryStinger NAS access vector
cve · CVE-2025-11837
Coverage timeline
1
first 2026-06-22 → last 2026-06-22
Briefs
1
1 distinct
Sources cited
190
82 hosts
Sections touched
0
—
Co-occurring entities
0
no co-occurrence
Story timeline
- 2026-06-22CTI Daily Brief — 2026-06-22
Source distribution
- attack.mitre.org24 (13%)
- thehackernews.com21 (11%)
- bleepingcomputer.com20 (11%)
- helpnetsecurity.com6 (3%)
- malwarebytes.com6 (3%)
- microsoft.com6 (3%)
- securityweek.com5 (3%)
- cloud.google.com4 (2%)
- other98 (52%)
External references
All cited sources (190)
- blog.xlab.qianxin.comprimaryinlineQiAnXin XLabhttps://blog.xlab.qianxin.com/arystinger-botnet-hijacks-legacy-routers-for-global-attacks-en/
- 9to5mac.cominline9to5Mac, 2026-05-12https://9to5mac.com/2026/05/12/apple-supplier-foxconn-confirms-ransomware-attack-affected-north-american-factories/
- arcticwolf.cominlineArctic Wolfhttps://arcticwolf.com/resources/blog/forticlient-ems-exploited-via-cve-2026-35616-to-deliver-ekz-infostealer-disguised-as-a-fortinet-patch/
- attack.mitre.orginlineT1190https://attack.mitre.org/techniques/T1190/
- attack.mitre.orginlineDonutLoaderhttps://attack.mitre.org/software/S1042/
- attack.mitre.orginlineT1021.001 Remote Services: Remote Desktop Protocolhttps://attack.mitre.org/techniques/T1021/001/
- attack.mitre.orginlineT1021.002https://attack.mitre.org/techniques/T1021/002/
- attack.mitre.orginlineT1046https://attack.mitre.org/techniques/T1046/
- attack.mitre.orginlineT1047 Windows Management Instrumentationhttps://attack.mitre.org/techniques/T1047/
- attack.mitre.orginlineT1053.005https://attack.mitre.org/techniques/T1053/005/
- attack.mitre.orginline`T1059` Command and Scripting Interpreterhttps://attack.mitre.org/techniques/T1059/
- attack.mitre.orginlineT1059.006https://attack.mitre.org/techniques/T1059/006/
- attack.mitre.orginlineT1072https://attack.mitre.org/techniques/T1072/
- attack.mitre.orginline`T1078` Valid Accountshttps://attack.mitre.org/techniques/T1078/
- attack.mitre.orginline`T1090` Proxyhttps://attack.mitre.org/techniques/T1090/
- attack.mitre.orginlineT1090.002https://attack.mitre.org/techniques/T1090/002/
- attack.mitre.orginline`T1136` Create Accounthttps://attack.mitre.org/techniques/T1136/
- attack.mitre.orginlineT1195.002https://attack.mitre.org/techniques/T1195/002/
- attack.mitre.orginlineT1204https://attack.mitre.org/techniques/T1204/
- attack.mitre.orginline`T1516 Input Injection`https://attack.mitre.org/techniques/T1516/
- attack.mitre.orginlineT1547https://attack.mitre.org/techniques/T1547/
- attack.mitre.orginlineT1555https://attack.mitre.org/techniques/T1555/
- attack.mitre.orginlineT1562.001https://attack.mitre.org/techniques/T1562/001/
- attack.mitre.orginlineT1572https://attack.mitre.org/techniques/T1572/
- attack.mitre.orginlineT1574.002 DLL Side-Loadinghttps://attack.mitre.org/techniques/T1574/002/
- attack.mitre.orginlineT1595https://attack.mitre.org/techniques/T1595/
- attack.mitre.orginline`T1626 Abuse Elevation Control Mechanism`https://attack.mitre.org/techniques/T1626/
- bleepingcomputer.cominlineBleepingComputerhttps://www.bleepingcomputer.com/news/security/arystinger-botnet-infected-thousands-of-d-link-routers-worldwide/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-07https://www.bleepingcomputer.com/news/security/c0xmo-botnet-spreads-via-dd-wrt-router-flaw-kills-rival-malware/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-29https://www.bleepingcomputer.com/news/security/chatgpt-share-links-abused-to-host-fake-outage-pages-to-deliver-malware/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-21https://www.bleepingcomputer.com/news/security/chinese-hackers-target-telcos-with-new-linux-windows-malware/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-04https://www.bleepingcomputer.com/news/security/chinese-hackers-use-new-atlas-rat-malware-in-european-cyberattacks/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-06https://www.bleepingcomputer.com/news/security/daemon-tools-trojanized-in-supply-chain-attack-to-deploy-backdoor/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-13https://www.bleepingcomputer.com/news/security/fortinet-warns-of-critical-rce-flaws-in-fortisandbox-and-fortiauthenticator/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-15https://www.bleepingcomputer.com/news/security/funnel-builder-wordpress-plugin-bug-exploited-to-steal-credit-cards/
- bleepingcomputer.cominlineBleepingComputerhttps://www.bleepingcomputer.com/news/security/kodak-confirms-data-breach-claimed-by-shinyhunters-extortion-gang/
- bleepingcomputer.cominlineBleepingComputer corroboration on 2026-05-19https://www.bleepingcomputer.com/news/security/microsoft-self-service-password-reset-abused-in-azure-data-theft-attacks/
- bleepingcomputer.cominlineBleepingComputer — IronWormhttps://www.bleepingcomputer.com/news/security/new-ironworm-malware-hits-36-packages-in-npm-supply-chain-attack/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-20https://www.bleepingcomputer.com/news/security/new-prinz-eugen-ransomware-prioritizes-recent-files-for-encryption/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-16https://www.bleepingcomputer.com/news/security/new-rokarolla-android-malware-targets-217-banking-crypto-apps/
- bleepingcomputer.cominlineBleepingComputer 2026-05-05https://www.bleepingcomputer.com/news/security/new-stealthy-quasar-linux-malware-targets-software-developers/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-12https://www.bleepingcomputer.com/news/security/over-400-arch-linux-packages-compromised-to-push-rootkit-infostealer/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-16https://www.bleepingcomputer.com/news/security/ransomware-gang-abuses-microsoft-teams-relays-to-hide-malicious-traffic/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-05https://www.bleepingcomputer.com/news/security/scarcruft-hackers-push-birdcall-android-malware-via-game-platform/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-12https://www.bleepingcomputer.com/news/security/ukrainian-national-pleads-guilty-to-role-in-conti-ransomware-operation/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-16https://www.bleepingcomputer.com/news/security/windows-version-of-sprysocks-linux-malware-used-to-attack-govt-orgs/
- bleepingcomputer.cominlineBleepingComputer, 2026-06-01https://www.bleepingcomputer.com/news/security/wordpress-malware-campaign-hides-payloads-in-steam-profiles/
- blog.fox-it.cominlineFox-IT, 2026-05-22https://blog.fox-it.com/2026/05/22/remotepe-the-lazarus-rat-that-lives-in-memory/
- blog.sekoia.ioinlineSekoia, 2026-06-17https://blog.sekoia.io/unveiling-errtraffic-inside-a-growing-clickfix-malware-distribution-framework/
- blog.talosintelligence.cominlineCisco Talos, 2026-05-05https://blog.talosintelligence.com/cloudz-pheno-infostealer/
- blog.talosintelligence.cominlineCisco Talos 2026-05-05https://blog.talosintelligence.com/uat-8302/
- blogs.microsoft.cominlineMicrosoft On the Issues — DCU legal action, 2026-05-19https://blogs.microsoft.com/on-the-issues/2026/05/19/disrupting-fox-tempest-a-cybercrime-service/
- cloud.google.cominlineGTIG AI Threat Tracker May 2026https://cloud.google.com/blog/topics/threat-intelligence/ai-threat-tracker-may-2026/
- cloud.google.cominlineGoogle Cloud Threat Intelligence, 2026-05-11https://cloud.google.com/blog/topics/threat-intelligence/ai-vulnerability-exploitation-initial-access
- cloud.google.cominlineGoogle GTIG, 2026-06-15https://cloud.google.com/blog/topics/threat-intelligence/prc-targets-us-medical-research
- cloud.google.cominlineMandiant, 2026-04-23https://cloud.google.com/blog/topics/threat-intelligence/unc6692-social-engineering-custom-malware
- comparitech.cominlineComparitech Q1 2026 Healthcare, 2026-04-29https://www.comparitech.com/news/healthcare-ransomware-roundup-q1-2026-stats-on-attacks-ransoms-and-data-breaches/
- coveware.cominlineCoveware analysis (2026-02-02)https://www.coveware.com/blog/2026/2/2/nitrogen-ransomware-esxi-malware-has-a-bug
- crowdstrike.cominlineCrowdStrike Counter Adversary Operations, 2026-05-27https://www.crowdstrike.com/en-us/blog/inside-crowdstrike-takedown-of-a-developer-targeting-botnet/
- cyber.gc.cainlineCCCS, 2026-06-03https://www.cyber.gc.ca/en/guidance/cyber-threat-bulletin-fifa-world-cup-2026tm
- cyberkendra.cominlineCyberKendra, 2026-05-07https://www.cyberkendra.com/2026/05/jdownloader-website-hacked-malicious.html
- cybermaxx.cominlineCyberMaxx Q1 2026https://www.cybermaxx.com/resources/ransomware-research-report-q1-2026-audio-blog-interview/
- cyberscoop.cominlineCyberScoop, 2026-06-12https://cyberscoop.com/conti-ransomware-member-ukrainian-lytvynenko-guilty/
- cybersecuritydive.cominlineCybersecurity Dive, 2026-05-22https://www.cybersecuritydive.com/news/iran-cyberattacks-espionage-us-israel-uae/820990/
- dragos.cominlineDragos, 2026-06-03https://www.dragos.com/dragos-industrial-ransomware-analysis-q1-2026
- elastic.coinlineElastic Security Labs 2026-05-07https://www.elastic.co/security-labs/tclbanker-brazilian-banking-trojan
- enki.co.krinlineENKI WhiteHat, 2026-05-27https://www.enki.co.kr/en/media-center/blog/kimsuky-s-advanced-attack-techniques-jsonping-webex-spoofing-and-a-new-httpspy-variant
- fortiguard.fortinet.cominlineFortinet PSIRT FG-IR-26-128 / FG-IR-26-136https://fortiguard.fortinet.com/psirt/FG-IR-26-128
- fortinet.cominlineFortiGuard Labs, 2026-06-04https://www.fortinet.com/blog/threat-research/cybercriminals-are-targeting-the-fifa-world-cup-2026
- fortinet.cominlineFortiGuard Labs, 2026-06-03https://www.fortinet.com/blog/threat-research/inside-cross-platform-propagation-of-new-gafgyt-variant-c0xmo
- github.cominlineGitHub Advisory GHSA-jxfc-8wcq-xxcghttps://github.com/advisories/GHSA-jxfc-8wcq-xxcg
- globalsecurity.orginlineGlobal Security, 2026-06-12https://www.globalsecurity.org/security/library/news/2026/06/sec-260612-doj01.htm
- godaddy.cominlineGoDaddy Security, 2026-05-28https://www.godaddy.com/resources/news/malware-targeting-wordpress-abuses-steam-community-profiles
- helpnetsecurity.cominlineHelp Net Security, 2026-05-04https://www.helpnetsecurity.com/2026/05/04/digicert-breach-code-signing-certificates-malware/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-18https://www.helpnetsecurity.com/2026/05/18/interpol-mena-cybercrime-operation-ramz-201-arrests/
- helpnetsecurity.cominlineHelp Net Security, 2026-06-15https://www.helpnetsecurity.com/2026/06/15/chinese-hackers-redcap-medical-research-institutions-breach/
- helpnetsecurity.cominlineHelp Net Security, 2026-06-16https://www.helpnetsecurity.com/2026/06/16/dragonforce-microsoft-teams-malware-backdoor-turn/
- helpnetsecurity.cominlineHelp Net Security, 2026-06-17https://www.helpnetsecurity.com/2026/06/17/rogueplanet-zero-day-cve-2026-50656/
- helpnetsecurity.cominlineHelp Net Security, 2026-06-18https://www.helpnetsecurity.com/2026/06/18/law-enforcement-socgholish-operation-endgame/
- huntress.cominlineHuntress, 2026-06-17https://www.huntress.com/blog/potemkin-loader-rmmproject-clickfix-attack
- interpol.intinlineINTERPOL, 2026-05-18https://www.interpol.int/en/News-and-Events/News/2026/201-arrests-in-first-of-its-kind-cybercrime-operation-in-MENA-region
- ioctl.failinlineioctl.fail, 2026-06-11https://ioctl.fail/preliminary-analysis-of-aur-malware/
- isc.sans.eduinlineSANS ISC Diary, 2026-05-04https://isc.sans.edu/diary/Cleartext+Passwords+in+MS+Edge+In+2026/32954/
- kaspersky.cominlineKaspersky press release, 2026-05-05https://www.kaspersky.com/about/press-releases/kaspersky-identifies-ongoing-supply-chain-attack-on-official-daemon-tools-website-distributing-backdoor-malware
- krebsonsecurity.cominlineKrebs on Security, 2026-06-18https://krebsonsecurity.com/2026/06/popa-botnet-linked-to-publicly-traded-israeli-firm/
- krebsonsecurity.cominlineKrebsOnSecurity, 2026-06-10https://krebsonsecurity.com/2026/06/who-runs-the-ransomware-group-the-gentlemen/
- labs.withsecure.cominlineWithSecure Labs, 2026-05-29https://labs.withsecure.com/publications/greyvibe
- lumen.cominlineLumen Black Lotus Labs — Showboathttps://www.lumen.com/blog/en-us/introducing-showboat-a-new-malware-family-taunts-defenses-and-targets-international-telecom-firms
- malware.newsinlineMalware.news, 2026-05-13https://malware.news/t/anubis-ransomware-strikes-french-firm-a-r-ge-co/106978
- malware.newsinlineWordfence via Malware.news, 2026-06-11https://malware.news/t/critical-unauthenticated-authentication-bypass-vulnerability-patched-in-updraftplus-wordpress-plugin/107751
- malwarebytes.cominlineMalwarebytes, 2026-03https://www.malwarebytes.com/blog/news/2026/03/fake-claude-code-install-pages-hit-windows-and-mac-users-with-infostealers
- malwarebytes.cominlineMalwarebytes, 2026-05-29https://www.malwarebytes.com/blog/news/2026/05/signal-users-targeted-in-backup-stealing-phishing-attacks
- malwarebytes.cominlineMalwarebyteshttps://www.malwarebytes.com/blog/news/2026/06/kodak-confirms-breach-as-shinyhunters-leak-threat-reaches-deadline
- malwarebytes.cominlineMalwarebytes, 2026-04-10 (earlier wave)https://www.malwarebytes.com/blog/scams/2026/04/fake-claude-site-installs-malware-that-gives-attackers-access-to-your-computer
- malwarebytes.cominlineMalwarebytes — Shub Stealer earlier wave, 2026-03https://www.malwarebytes.com/blog/threat-intel/2026/03/fake-cleanmymac-site-installs-shub-stealer-and-backdoors-crypto-wallets
- malwarebytes.cominlineMalwarebytes Labs, 2026-06https://www.malwarebytes.com/blog/threat-intel/2026/06/inside-a-malicious-infrastructure-delivering-etherrat-phishing-pages-and-malicious-software
- microsoft.cominlineMicrosoft Security Blog 2026-05-04https://www.microsoft.com/en-us/security/blog/2026/05/04/breaking-the-code-multi-stage-code-of-conduct-phishing-campaign-leads-to-aitm-token-compromise/
- microsoft.cominlineMicrosoft Security Blog, 2026-05-06https://www.microsoft.com/en-us/security/blog/2026/05/06/clickfix-campaign-uses-fake-macos-utilities-lures-deliver-infostealers/
- microsoft.cominlineMicrosoft Security Blog, 2026-05-18https://www.microsoft.com/en-us/security/blog/2026/05/18/storm-2949-turned-compromised-identity-into-cloud-wide-breach/
- microsoft.cominlineMicrosoft Threat Intelligence — Fox Tempesthttps://www.microsoft.com/en-us/security/blog/2026/05/19/exposing-fox-tempest-a-malware-signing-service-operation/
- microsoft.cominlineMicrosoft Threat Intelligence, 2026-05-28https://www.microsoft.com/en-us/security/blog/2026/05/28/the-gentlemen-ransomware-dissecting-a-self-propagating-go-encryptor/
- microsoft.cominlineMicrosoft, 2026-06-08https://www.microsoft.com/en-us/security/blog/2026/06/08/ai-brands-as-bait-how-threat-actors-are-using-the-ai-hype-in-social-engineering/
- msrc.microsoft.cominlineMicrosoft MSRC CVE-2026-41091https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-41091
- msrc.microsoft.cominlineMicrosoft MSRC, 2026-06-16https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50656
- ncsc.admin.chinlineNCSC Switzerland Im Fokus, 2026-05-01https://www.ncsc.admin.ch/ncsc/en/home/aktuell/im-fokus/2026/einschtzung_mythos_2026.html
- ncsc.admin.chinlineNCSC-CH, 2026-06-09https://www.ncsc.admin.ch/ncsc/en/home/aktuell/im-fokus/2026/wochenrueckblick_23.html
- news.risky.bizinlineRisky Business, 2026-06-18https://news.risky.biz/risky-bulletin-china-arrests-members-of-silver-fox-cybercrime-group/
- news.risky.bizinlineRisky Business News bulletinhttps://news.risky.biz/risky-bulletin-dutch-police-take-down-giant-botnet-of-17-million-devices/
- nltimes.nlinlineNL Times English summaryhttps://nltimes.nl/2026/05/28/ncsc-dutch-police-disrupt-global-botnet-controlled-via-netherlands-based-servers
- oasis.securityinlineOasis Security 2026-05-07https://www.oasis.security/blog/cline-kanban-websocket-hijack
- opensourcemalware.cominlineOpenSourceMalwarehttps://opensourcemalware.com/blog/miasma-reaches-azure
- osservatorionessuno.orginlineOsservatorio Nessuno — Morpheus, 2026-04-23https://osservatorionessuno.org/blog/2026/04/morpheus-a-new-spyware-linked-to-ips-intelligence/
- ox.securityinlineOX Security, 2026-05-21https://www.ox.security/blog/megalodon-cicd-malware-github/
- pgadmin.orginlinepgAdminhttps://www.pgadmin.org/docs/pgadmin4/9.16/release_notes_9_16.html
- piunikaweb.cominlinePiunikaWeb, 2026-05-08https://piunikaweb.com/2026/05/08/jdownloader-website-hacked-malware/
- politie.nlinlinePolitie, 2026-06-18https://www.politie.nl/en/news/2026/juni/18/11-international-law-enforcement-initiate-hunt-on-malware-group-socgholish.html
- politie.nlinlineCybercrime Team of the Dutch Politie Unit The Hague and the NCSC.nl jointly took down the Asocks residential-proxy infrastructurehttps://www.politie.nl/nieuws/2026/mei/28/06-politie-en-ncsc-halen-groot-botnetwerk-offline.html
- proofpoint.cominlineProofpoint, 2026-06-18https://www.proofpoint.com/us/blog/threat-insight/sayonara-socgholish-operation-endgame-disrupts-major-cybercrime-operation
- pushsecurity.cominlinePush Security, 2026-05https://pushsecurity.com/blog/installfix
- pushsecurity.cominlinePush Security, 2026-05-29https://pushsecurity.com/blog/llmshare-malvertising-campaign
- pwc.cominlinePwC Threat Intelligencehttps://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/red-lamassu-open-season.html
- qurium.orginlineQurium, 2026-06-18https://www.qurium.org/forensics/finding-popa/
- research.checkpoint.cominlineCheck Point Research, 2026-05-22https://research.checkpoint.com/2026/fast-and-furious-nimbus-manticore-operations-during-the-iranian-conflict/
- research.checkpoint.cominlineCheck Point Research, 2026-06-17https://research.checkpoint.com/2026/from-stars-to-upvotes-fake-reputation-fueling-a-crypto-clipboard-hijacker/
- research.checkpoint.cominlineCheck Point Research, 2026-06-03https://research.checkpoint.com/2026/impersonation-click-hijacking-and-tds-inside-a-malware-distribution-ecosystem/
- research.checkpoint.cominlineCheck Point Research, 2026-05-13https://research.checkpoint.com/2026/thus-spoke-the-gentlemen/
- research.jfrog.cominlineJFrog Security Research — IronWormhttps://research.jfrog.com/post/iron-worm-shai-hulud-rustier-cousin/
- safedep.ioinlineSafeDep, 2026-05-21https://safedep.io/megalodon-mass-github-repo-backdooring-ci-workflows/
- sansec.ioinlineSansec, 2026-05-14https://sansec.io/research/funnelkit-woocommerce-vulnerability-exploited
- sec.cloudapps.cisco.cominlineCisco PSIRThttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-G5WP8vv
- securelist.cominlineKaspersky Securelist, 2026-05-14https://securelist.com/kimsuky-appleseed-pebbledash-campaigns/119785/
- securelist.cominlineKaspersky Securelist, 2026-05-06https://securelist.com/oceanlotus-suspected-pypi-zichatbot-campaign/119603/
- securelist.cominlineKaspersky Securelist, 2026-05-05https://securelist.com/tr/daemon-tools-backdoor/119654/
- security-hub.ncsc.admin.chinlineNCSC-CH Security Hub #12569, 2026-05-13https://security-hub.ncsc.admin.ch/#/posts/12569
- security.cominlineBroadcom Security, 2026-05-18https://www.security.com/blog-post/fast16-nuclear-sabotage
- security.cominlineSymantec / Broadcom, 2026-06-16https://www.security.com/threat-intelligence/dragonforce-msteams-backdoor
- securityaffairs.cominlineSecurity Affairs, 2026-05-12https://securityaffairs.com/192003/malware/android-banking-trojan-trickmo-evolves-using-ton-network-for-c2.html
- securityweek.cominlineSecurityWeek, 2026-06-15https://www.securityweek.com/chinese-hackers-target-medical-military-and-ai-research-in-north-america/
- securityweek.cominlineSecurityWeek, 2026-05-04https://www.securityweek.com/digicert-revokes-certificates-after-support-portal-hack/
- securityweek.cominlineSecurityWeekhttps://www.securityweek.com/kodak-admits-data-breach-after-shinyhunters-hack-claims/
- securityweek.cominlineSecurityWeek, 2026-05-28https://www.securityweek.com/russia-linked-greyvibe-attackers-use-ai-to-supercharge-cyberattacks/
- securityweek.cominlineSecurityWeek, 2026-05-04https://www.securityweek.com/sophisticated-quasar-linux-rat-targets-software-developers/
- sentinelone.cominlineSentinelOne, 2026-05-15https://www.sentinelone.com/blog/living-off-the-pipeline-defending-against-ci-cd-subversion/
- socket.devinlineSocket, 2026-05-13https://socket.dev/blog/gemstuffer
- sonatype.cominlineSonatype, 2026-06-11https://www.sonatype.com/blog/atomic-arch-npm-campaign-adds-malicious-dependency
- sophos.cominlineSophos X-Ops, 2026-05-07https://www.sophos.com/en-us/blog/donuts-and-beagles-fake-claude-site-spreads-backdoor
- stepsecurity.ioinlineStepSecurity — Miasma AI coding agent injectionhttps://www.stepsecurity.io/blog/miasma-worm-hits-microsoft-again-azure-functions-action-and-72-other-repositories-disabled-after-supply-chain-attack-targeting-ai-coding-agents
- techcrunch.cominlineTechCrunch, 2026-05-27https://techcrunch.com/2026/05/27/crowdstrike-and-google-take-down-botnet-used-by-hackers-to-target-software-developers-in-supply-chain-attacks/
- techcrunch.cominlineTechCrunch, 2026-05-28https://techcrunch.com/2026/05/28/hackers-are-trying-to-steal-signal-users-backups-in-new-wave-of-phishing-attacks/
- thehackernews.cominlineThe Hacker News, 2026-05-16https://thehackernews.com/2026/05/funnel-builder-flaw-under-active.html
- thehackernews.cominlineThe Hacker News, 2026-05-13https://thehackernews.com/2026/05/gemstuffer-abuses-150-rubygems-to.html
- thehackernews.cominlineThe Hacker News, 2026-05-27https://thehackernews.com/2026/05/glassworm-malware-takedown-disrupts.html
- thehackernews.cominlineThe Hacker Newshttps://thehackernews.com/2026/05/grandoreiro-malware-and-btmob-rat.html
- thehackernews.cominlineThe Hacker News, 2026-05-18https://thehackernews.com/2026/05/interpol-operation-ramz-disrupts-mena.html
- thehackernews.cominlineThe Hacker News, 2026-05-26https://thehackernews.com/2026/05/iranian-hackers-deploy-minifast-and.html
- thehackernews.cominlineThe Hacker News, 2026-05-28https://thehackernews.com/2026/05/jinx-0164-targets-cryptocurrency-firms.html
- thehackernews.cominlineThe Hacker News, 2026-05-29https://thehackernews.com/2026/05/kimsuky-deploys-httpspy-expands-arsenal.html
- thehackernews.cominlineThe Hacker News, 2026-05-25https://thehackernews.com/2026/05/lazarus-deploys-remotepe-memory-only.html
- thehackernews.cominlineThe Hacker News, 2026-05-22https://thehackernews.com/2026/05/megalodon-github-attack-targets-5561.html
- thehackernews.cominlineThe Hacker News, 2026-05-21https://thehackernews.com/2026/05/microsoft-warns-of-two-actively.html
- thehackernews.cominlineThe Hacker News, 2026-05-12https://thehackernews.com/2026/05/new-trickmo-variant-uses-ton-c2-and.html
- thehackernews.cominlineThe Hacker News, 2026-05-18https://thehackernews.com/2026/05/pre-stuxnet-fast16-malware-tampered.html
- thehackernews.cominlineThe Hacker News 2026-05-04https://thehackernews.com/2026/05/progress-patches-critical-moveit.html
- thehackernews.cominlineThe Hacker News, 2026-05-05https://thehackernews.com/2026/05/scarcruft-hacks-gaming-platform-to.html
- thehackernews.cominlineThe Hacker News, 2026-05-21https://thehackernews.com/2026/05/showboat-linux-malware-hits-middle-east.html
- thehackernews.cominlineThe Hacker News, 2026-06-04https://thehackernews.com/2026/06/china-linked-ta4922-expands-phishing.html
- thehackernews.cominlineThe Hacker News, 2026-06-16https://thehackernews.com/2026/06/clickfix-campaigns-expand-malware.html
- thehackernews.cominlineThe Hacker Newshttps://thehackernews.com/2026/06/miasma-worm-hits-73-microsoft-github.html
- thehackernews.cominlineThe Hacker News, 2026-06-17https://thehackernews.com/2026/06/microsoft-confirms-rogueplanet-defender_02022423645.html
- thehackernews.cominlineThe Hacker News, 2026-06-11https://thehackernews.com/2026/06/the-gentlemen-ransomware-claims-478.html
- therecord.mediainlineThe Record, 2026-05-12https://therecord.media/foxconn-confirms-cyberattack-north-american-factories
- therecord.mediainlineThe Record, 2026-05-06https://therecord.media/hackers-compromise-daemon-tools-global-supply-chain-attack
- therecord.mediainlineThe Record — Huawei VRP / POST Luxembourghttps://therecord.media/huawei-zero-day-behind-last-year-luxembourg-telecom-outage
- therecord.mediainlineThe Record, 2026-05-19https://therecord.media/microsoft-disrupts-fox-tempest-malware-signing-service
- theregister.cominlineThe Register, 2026-05-12https://www.theregister.com/cyber-crime/2026/05/12/foxconn-confirms-cyberattack-after-nitrogen-claims-apple-nvidia-data-theft/5239144
- threatdown.cominlineMalwarebytes ThreatDown, 2026-06-17https://www.threatdown.com/blog/prinz-eugen-ransomware-a-deep-dive-into-a-new-go-based-encryptor/
- threatfabric.cominlineThreatFabric, 2026-05-11https://www.threatfabric.com/blogs/new-trickmo-variant-device-take-over-malware-targeting-banking-fintech-wallet-auth-app
- threatfabric.cominlineThreatFabric, 2026-06-04https://www.threatfabric.com/blogs/own-goal-piracy-as-an-attack-vector-to-target-football-fans
- trendmicro.cominlineTrend Micro Research, 2026-05-05https://www.trendmicro.com/en_us/research/26/e/installfix-and-claude-code.html
- trendmicro.cominlineTrend Micro Research, 2026-05-04https://www.trendmicro.com/en_us/research/26/e/quasar-linux-qlnx-a-silent-foothold-in-the-software-supply-chain.html
- unit42.paloaltonetworks.cominlineUnit 42, 2026-06-08https://unit42.paloaltonetworks.com/microsoft-teams-phishing/
- unit42.paloaltonetworks.cominlineUnit 42, 2026-05-22https://unit42.paloaltonetworks.com/tracking-iran-apt-screening-serpens/
- watchguard.cominlineWatchGuard — Grandoreiro Europe/LatAmhttps://www.watchguard.com/wgrd-security-hub/secplicity-blog/grandoreiro-malware-campaign-targets-europe-and-latin-america
- welivesecurity.cominlineESET WeLiveSecurity, 2026-06-16https://www.welivesecurity.com/en/eset-research/fishmongers-arsenal-upgraded-sprysocks-windows/
- welivesecurity.cominlineESET WeLiveSecurity, 2026-05-05https://www.welivesecurity.com/en/eset-research/rigged-game-scarcruft-compromises-gaming-platform-supply-chain-attack/
- welivesecurity.cominlineESET WeLiveSecurity — BTMOBhttps://www.welivesecurity.com/en/malware/btmob-stealthy-rat-burrowing-deep-android-devices/
- wiz.ioinlineWiz Research — JINX-0164https://www.wiz.io/blog/threat-actors-target-crypto-orgs
- wpscan.cominlineWPScan, 2026-06-11https://wpscan.com/vulnerability/68addf8c-9ea6-4b62-9f85-e95350b3992e/
- zetter-zeroday.cominlineKim Zetter / ZERO DAY, 2026-05-16https://www.zetter-zeroday.com/experts-confirm-the-fast16-malware-was-sabotaging-nuclear-weapons-tests-likely-in-iran/
- zimperium.cominlineZimperium zLabs, 2026-06-16https://zimperium.com/blog/rokarolla-android-banker-with-complete-device-takeover-capabilities
Items in briefs about QNAP Malware Remover code injection (fixed 6.6.8.20251023) — AryStinger NAS access vector
No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.