Friday 26 June 2026 06:42:56 GMT+02:00

Netcrook

HomeManifesto
News
Corporate Security IncidentsCloud, SaaS & Identity SecurityIndustrial Cybersecurity & Critical InfrastructureCyber Intelligence, TrendsAI Security & Agentic SystemsCyber Intelligence & Threat TrendsCyber WarfareCyber Warfare & Nation-State OperationsCyber CriminalityBreaches & Data LeaksCybercrimeMalware & BotnetsRansomware & ExtortionSecurity Awareness & Social EngineeringLegal PolicyLegal, Policy & Government CybersecurityPrivacy, Regulation & ComplianceTechnology, InnovationTechnology, Innovation & Digital InfrastructureVulnerabilities Patch ManagementResearch, Exploits & Offensive SecurityVulnerabilities & Patch Management
Techcrook
Tutte le tecnologieIdentita e accessoFirewall e reteBackup e archiviazioneEnergia e continuitaPrivacy e sicurezza fisicaLaboratorio e prototipazioneStampa e tracciabilitaTecnologia quotidiana
Geocrook
AfricaAsiaEuropeMiddle EastNorth AmericaOceaniaSouth America
WikicrookTeamAppContact
EnglishItalianoArabic

#Sapphire Sleet

One Hijacked npm Identity Can Poison an Entire Dependency Chain

22 June 2026 10:28CybercrimeNorth America / USACIPHERWARDEN

A maintainer-account takeover tied to poisoned Mastra packages shows how package registries can become malware delivery systems when publisher trust is broken.

#Sapphire Sleet | #npm takeover | #Mastra packages

When a Package Registry Turns into a Blind Spot for AI Builders

20 June 2026 18:48Cyber Warfare & Nation-State OperationsNorth America / USAAGONY

Microsoft’s attribution of a Mastra AI-related npm compromise to Sapphire Sleet shows how a software supply chain incident can ripple through developer tooling long before anyone notices a malicious build.

#Mastra AI | #npm packages | #Sapphire Sleet

Fake Updates, Real Risk: The macOS Lure That Turns Trust Into Execution

17 June 2026 12:49Security Awareness & Social EngineeringNorth America / USAPATCHKNIGHT

A macOS targeting campaign shows how a convincing prompt can matter more than a technical exploit when attackers are trying to make the victim run the payload themselves.

#Sapphire Sleet | #macOS | #fake update dialogs

Macs, Wallets, and SSH Keys: The Quiet Theft Path North Korean Operators Keep Chasing

03 June 2026 10:32Cyber Warfare & Nation-State OperationsAsia / North KoreaAGONY

A macOS-focused intrusion campaign attributed to Sapphire Sleet puts the spotlight on a familiar cybercrime prize: secrets that can be reused far beyond one laptop.

#Sapphire Sleet | #macOS malware | #crypto wallets

Mac Targets, Crypto Secrets: A North Korea-Linked Hunt for Wallets and SSH Keys

03 June 2026 08:16Cyber Warfare & Nation-State OperationsAsia / North KoreaAGONY

A newly reported macOS campaign tied to Sapphire Sleet puts financial and crypto organizations in the crosshairs, with secrets rather than splashy malware as the prize.

#BlueNoroff | #crypto wallets | #SSH keys