< ciso
brief />
Tag Banner

All news with #data exfiltration tag

217 articles · page 3 of 11

TeamPCP Offers Mistral AI Code Repositories for Sale

🔒 Mistral AI says the TeamPCP group is offering nearly 450 repositories allegedly stolen from the company’s codebase, demanding a $25,000 buy‑it‑now price and threatening to leak the files within a week if unsold. The hackers claim about 5 gigabytes of internal source code used for training, fine‑tuning, benchmarking, model delivery, and inference was exfiltrated after a compromise tied to the Mini Shai-Hulud supply‑chain attack and tampered TanStack packages. Mistral confirmed some SDK packages were contaminated briefly but says forensic analysis found no compromise of core repositories, hosted services, or managed user data.
read more →

Compromised node-ipc Releases Contain Stealer and Backdoor

⚠️ Researchers from Socket and StepSecurity warn that recently published versions of node-ipc (9.1.6, 9.2.3 and 12.0.1) contain an obfuscated stealer/backdoor triggered at runtime. The payload is appended as an IIFE to node-ipc.cjs, causing execution on every require('node-ipc') and avoiding npm lifecycle hooks. It fingerprints hosts, harvests up to 90 credential categories, compresses data, and exfiltrates via HTTPS to sh.azurestaticprovider[.]net and via DNS TXT records after overriding the resolver. The malicious builds were published by an unrelated maintainer account, prompting removal and secret rotation recommendations.
read more →

Fired Employee Used AI to Hide Deletion of Federal Data

🔒 Two former hosting-company employees allegedly deleted dozens of customer and federal databases after being fired; one brother was convicted on computer-fraud and related charges. Investigators say one used a public AI chatbot to ask how to clear SQL and Windows logs, aiding evidence destruction. Experts warn this underscores failures in off-boarding and privileged access controls and call for stronger AI guardrails and real-time revocation.
read more →

Iranian Hackers Target Major South Korean Electronics Maker

🔒 Symantec researchers attribute a February 2026 cyber-espionage campaign to MuddyWater (Seedworm), which spent a week inside a major South Korean electronics manufacturer's network. The attackers relied on DLL sideloading of legitimate binaries — Fortemedia's fmapp.exe and SentinelOne's sentinelmemoryscanner.exe — to load malicious DLLs containing ChromElevator. They used PowerShell (now invoked via Node.js loaders) for reconnaissance, credential theft, persistence and SOCKS5 tunneling, and exfiltrated data via sendit.sh.
read more →

Foxconn Confirms Cyberattack at North American Sites

🔒 Foxconn confirmed a cyberattack affected some of its North American factories and says impacted sites are resuming normal production. The company said its cybersecurity team activated response measures to maintain continuity of operations and deliveries. Nitrogen ransomware operators claimed 8 TB of data and over 11 million documents were stolen, allegedly including files from Apple, Nvidia, Intel and Google. Foxconn has faced prior ransomware incidents.
read more →

GemStuffer Abuses RubyGems to Store Scraped Council Data

🔍 Security researchers have identified a campaign called GemStuffer that abuses RubyGems as a storage channel for scraped content rather than as a vehicle for mass malware distribution. More than 150 gems were observed packaging HTTP responses from U.K. local government ModernGov portals into valid .gem archives and publishing them using hardcoded API keys. Variants either build and push gems via the CLI (creating temporary credentials under /tmp and overriding HOME) or upload archives directly to the registry API, after which attackers can retrieve the content with a simple gem fetch.
read more →

Mini Shai-Hulud Worm Compromises npm and PyPI Supply Chain

⚠ TeamPCP's "Mini Shai-Hulud" campaign has trojanized npm and PyPI packages from maintainers including TanStack, Mistral AI, OpenSearch, UiPath, and Guardrails AI, deploying an obfuscated credential stealer that targets cloud services, crypto wallets, AI tools, messaging apps and CI systems. The malware exfiltrates data via a Session Protocol domain (filev2.getsession[.]org), a typosquat domain and GitHub API dead-drops, and persists through IDE hooks in Claude Code and VS Code. Attackers abused GitHub Actions OIDC permissions and produced malicious packages with valid SLSA attestations; TanStack's cluster was assigned CVE-2026-45321 (CVSS 9.6).
read more →

Zara Data Breach Exposes Personal Data of 197,000 Customers

🔓 Have I Been Pwned says hackers exfiltrated data tied to Zara affecting 197,400 unique email addresses and associated order SKUs, order IDs, market information, and support tickets. Inditex confirmed the compromised databases were hosted by a former technology provider but said attackers did not access names, phone numbers, postal addresses, credentials, or payment card data. The extortion group ShinyHunters claimed responsibility and posted a 140GB archive allegedly taken from BigQuery using compromised Anodot tokens.
read more →

Critical Ollama Flaw Risks Data Exposure on 300K Servers

🦙 A critical vulnerability in Ollama (CVE-2026-7482) allows unauthenticated attackers to upload a crafted GGUF model file and trigger an out-of-bounds heap read in the model quantization pipeline. The flaw can leak process memory — including system prompts, conversation history, environment variables, API keys, and other secrets — to remote servers. Update to Ollama 0.17.1 and restrict network access.
read more →

ThreatsDay: SMS blaster busts and supply‑chain shocks

🔍 This ThreatsDay bulletin highlights a week of converging risks: Canadian authorities dismantled an SMS blaster operation that spoofed cellular towers, while a malicious npm brandsquat (published as tanstack) exfiltrated local .env files during install. Researchers also flagged networks of browser extensions legally selling browsing and viewing data, the first documented abuse of the Komari admin agent in intrusions, and mass exposure of RDP/VNC servers—underscoring the importance of basic hygiene, credential rotation, and coordinated defensive response.
read more →

Supply Chain npm Attack Targets SAP Developer Tools

🔒 A supply-chain campaign dubbed "mini Shai-Hulud" infected SAP-related npm packages in late April, inserting install-time malware that harvested developer credentials, GitHub and npm tokens, GitHub Actions secrets, and cloud credentials across AWS, Azure, GCP and Kubernetes. Researchers identified affected packages including mbt@1.2.48 and several @cap-js modules. The malicious releases were later replaced with safe versions.
read more →

SAP npm Packages Compromised in Credential-Stealing Attack

🔒 Multiple official SAP npm packages were recently compromised in a supply-chain operation that installs a malicious preinstall script during package installation. The script downloads the Bun runtime and executes an obfuscated payload that harvests a wide range of secrets — including npm and GitHub tokens, SSH keys, cloud credentials, Kubernetes configs, and CI/CD environment variables — and exfiltrates them to public GitHub repositories. Researchers attribute the campaign with medium confidence to TeamPCP and warn it includes self-propagation logic to modify other packages using stolen credentials.
read more →

Supply-Chain Attack Targets SAP-Related npm Packages

⚠️ Researchers have uncovered a supply-chain campaign dubbed the "mini Shai-Hulud" that poisoned multiple SAP-related npm packages to install credential-stealing malware during installation. The malicious releases added a preinstall hook that fetched and executed a platform-specific Bun binary, harvesting local credentials, GitHub and npm tokens, CI secrets, and cloud credentials. Analysts from Aikido Security, SafeDep, Socket, StepSecurity and Wiz advise rotating tokens, inspecting workflows, and upgrading to patched releases.
read more →

DPRK Supply-Chain Campaign Uses AI-Inserted npm Malware

🛡️ Researchers identified an AI-assisted supply-chain campaign that injected malicious code into npm packages — notably @validate-sdk/v2 — after a dependency was introduced by Anthropic's Claude Opus LLM. ReversingLabs named the operation PromptMink and attributed it to DPRK-aligned actor Famous Chollima (aka Shifty Corsair). The tainted packages siphon crypto credentials and secrets through layered transitive dependencies and have evolved into multi-platform RATs and information stealers.
read more →

AI-Assisted Malicious npm Dependency Steals Crypto

🔍 Researchers at ReversingLabs uncovered a malicious npm dependency, @validate-sdk/v2, that exfiltrated secrets and enabled attackers to access cryptocurrency wallets after being added to an autonomous trading agent in February 2026. The commit is reported to have been co-authored by Claude Opus, and attribution points to the North Korean state-sponsored group Famous Chollima. The campaign, tracked as PromptMink, used a two-layer package strategy—public-facing Web3 utilities to attract users while secondary dependencies delivered evolving malware that scanned environment files, collected system information, compressed project data, and installed SSH keys for persistence across Linux and Windows environments.
read more →

US Charges Scattered Spider Hacker Arrested in Finland

🔍 A 19-year-old dual U.S.-Estonian citizen arrested in Finland faces federal charges in the United States, accused of acting as a prolific member of the Scattered Spider hacking collective under the alias Bouquet. Prosecutors allege he helped extort millions through multiple breaches, including a March 2023 intrusion when he was 16 and a May 2025 attack on a multibillion-dollar luxury retailer that prompted an $8 million ransom demand and over $2 million in remediation costs.
read more →

UK Biobank Breach: Half a Million Health Records Listed

🔒 The personal health data of more than 500,000 UK Biobank volunteers was briefly listed for sale on Chinese e-commerce platforms, prompting removal of the adverts and joint action by UK and Chinese authorities. UK Biobank says the datasets were de-identified and did not include direct identifiers such as names or NHS numbers, and there is currently no evidence the data were purchased. The organisation has suspended researcher access, restricted downloads on its cloud research platform and launched a forensic investigation into misuse by researchers at three academic institutions.
read more →

Trigona Ransomware Adopts Custom Tool to Steal Data

🔒 Symantec researchers observed Trigona ransomware affiliates using a custom command-line exfiltration utility, uploader_client.exe, in March to siphon high-value documents to a hardcoded server. The tool supports parallel uploads, TCP rotation after 2GB, selective file-type exclusion, and an authentication key to control access to stolen data. The shift from public utilities like Rclone appears intended to reduce detection during double-extortion operations. Symantec has published IoCs to aid defenders.
read more →

Malicious KICS Docker Images and VS Code Extensions

⚠️ Cybersecurity researchers warn that unknown actors pushed malicious images to the official checkmarx/kics Docker Hub repository, overwriting tags and introducing a non-official release. Socket's analysis shows the bundled KICS binary was modified to collect, encrypt, and exfiltrate uncensored scan reports to an external endpoint, posing a high risk for IaC scans that may include credentials. Related Checkmarx Microsoft Visual Studio Code extensions (versions 1.17.0 and 1.19.0) were also found to contain code that downloads and runs a remote addon via the Bun runtime using a hardcoded GitHub URL without integrity checks. Organizations that used the affected images or extensions should assume exposed secrets are compromised and treat the event as a broader supply chain compromise.
read more →

Harvester Deploys Linux GoGra Backdoor Against South Asia

🔒 Symantec and Carbon Black attribute a new Linux build of the GoGra backdoor to the threat actor known as Harvester, observing deployments likely targeting entities in South Asia. The implant abuses Microsoft Graph and Outlook mailboxes as a covert C2 channel and is delivered via ELF binaries disguised as PDF lures. Incoming tasking emails (subject prefix "Input") contain Base64-encoded shell commands that the backdoor decrypts and runs via /bin/bash, then exfiltrates results as emails labeled "Output" and removes the original messages.
read more →