Cyber Security News

"Malicious Tanstack Package uses postinstall script to steal developer environment files."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 04 May 2026, 1543 UTC.

Content and Source:  "Cyber Security News."

 URL--https://cybersecuritynews.com/

Please check URL or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Please use slider at bottom of post to center your articles.

Malicious Tanstack Package Uses Postinstall Script to Steal Developer Environment Files

Tushar Subhra Dutta - May 4, 2026

A malicious npm package impersonating the widely trusted TanStack project was discovered on April 29, 2026, silently stealing developer environment files the moment it...

 

New xlabs_v1 Botnet Targets Minecraft Servers Through ADB-Exposed Android Devices

Tushar Subhra Dutta - May 4, 2026

A newly identified botnet called xlabs_v1 has been found targeting Minecraft game servers by exploiting Android devices with the Android Debug Bridge (ADB) port...

 

DOJ Sentences Two Americans to Prison for ALPHV BlackCat Attacks on U.S. Victims

Tushar Subhra Dutta - May 4, 2026

Two American cybersecurity professionals were sentenced to four years each in federal prison on April 30, 2026, for carrying out ransomware attacks against multiple...

 

Attackers Weaponize SAP npm Packages to Steal GitHub, Cloud, and AI Coding Tool Secrets

Tushar Subhra Dutta - May 4, 2026

A new supply chain attack is targeting the SAP developer ecosystem through poisoned npm packages. The campaign uses a malicious worm called "Mini Shai-Hulud,"...

 

CISA Warns of Linux “Copy Fail” 0-Day Vulnerability Exploited to Root Systems

Abinaya - May 4, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Linux kernel zero-day vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning...

 

Apache MINA Vulnerabilities Enables Remote Code Execution Attacks

Abinaya - May 4, 2026

The Apache MINA project has issued urgent security updates to address two critical vulnerabilities that could allow attackers to execute arbitrary code on affected...

 

CISA Warns of cPanel & WHM Vulnerability Exploited in Attacks

Abinaya - May 4, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw affecting widely used web hosting management...

 

Critical MOVEit Vulnerabilities Enables Authentication Bypass

Abinaya - May 4, 2026

Progress Software has issued a critical security bulletin for its MOVEit Automation platform. This April 2026 alert warns of two highly severe vulnerabilities that could...

 

Threat Actors Use AI to Automate 0-Day Discovery and Exploitation at Machine Speed

Tushar Subhra Dutta - May 4, 2026

The way cyberattacks are launched has fundamentally changed. Threat actors are no longer spending months hunting for software flaws by hand. With artificial intelligence...

 

FreeBSD DHCP Client Vulnerability Enables Remote Code Execution as Root

Abinaya - May 4, 2026

The FreeBSD Project has released a critical security advisory addressing a severe flaw in its default IPv4 DHCP client. Tracked as CVE-2026-42511, this vulnerability allows a...

 

Email Bombing and Fake IT Support Calls Fuel New Microsoft Teams Phishing Attacks

Tushar Subhra Dutta - May 4, 2026

A new wave of cyberattacks is targeting employees through a combination of inbox flooding and fake IT support contacts on Microsoft Teams, tricking users...

 

Microsoft Defender Mistakenly Flags DigiCert Root Certificates as Malware

Guru Baran - May 3, 2026

Microsoft Defender triggered widespread false positive alerts after a faulty security update caused it to flag two legitimate DigiCert root certificates as malicious, potentially...

Load more

Cyber Attack news

Critical Wireshark Vulnerabilities Let Attackers Execute Arbitrary Code Via Malformed Packets

 

Microsoft Defender Mistakenly Flags DigiCert Root Certificates as Malware

 

Hackers Breach Government and Military Servers by Exploiting cPanel Vulnerability

 

Trellix Source Code Breach – Hackers Gain Unauthorized Access to Repository

 

Anthropic Launches Claude Security in Public Beta for Enterprise Customers

 

Linux Kernel 0-Day “Copy Fail” Roots Every Major Distribution Since 2017

 

Qilin Ransomware Enumerates RDP Authentication History on a Compromised Server

 

FreeBSD DHCP Client Vulnerability Enables Remote Code Execution as Root

 

CVE MCP Server Turns Claude Into a Fully Capable Security Analyst With 27 Tools Across 21 APIs

 

pentest-ai-agents – 28 Claude Code Subagents for Penetration Testing

 

Attackers Deploy AiTM Phishing Pages to Access SharePoint, HubSpot, and Google Workspace

 

Email Bombing and Fake IT Support Calls Fuel New Microsoft Teams Phishing Attacks

 

cPanelSniper – PoC Exploit Disclosed for cPanel Vulnerability, 44,000 Servers Compromised

 

Hacker Uses Claude and ChatGPT to Breach Multiple Government Agencies

 

Threat Actors Use AI to Automate 0-Day Discovery and Exploitation at Machine Speed

 

CISA Warns of Linux “Copy Fail” 0-Day Vulnerability Exploited to Root Systems

Load more

Cyber Security Tools

Cyber Security News

CVE MCP Server Turns Claude Into a Fully Capable Security Analyst...

Guru Baran - April 30, 2026

Cyber Security

pentest-ai-agents – 28 Claude Code Subagents for Penetration Testing

Guru Baran - April 27, 2026

Cyber Security

METATRON – Open-Source AI Penetration Testing Assistant Brings Local LLM Analysis...

Guru Baran - April 6, 2026

Load more