Monday 25 May 2026 20:05:06 GMT+02:00

Netcrook

HomeManifesto
News
Corporate Security IncidentsCloud, SaaS & Identity SecurityIndustrial Cybersecurity & Critical InfrastructureCyber Intelligence, TrendsAI Security & Agentic SystemsCyber Intelligence & Threat TrendsCyber WarfareCyber Warfare & Nation-State OperationsCyber CriminalityBreaches & Data LeaksCybercrimeMalware & BotnetsRansomware & ExtortionSecurity Awareness & Social EngineeringLegal PolicyLegal, Policy & Government CybersecurityPrivacy, Regulation & ComplianceTechnology, InnovationTechnology, Innovation & Digital InfrastructureVulnerabilities Patch ManagementResearch, Exploits & Offensive SecurityVulnerabilities & Patch Management
Techcrook
Tutte le tecnologieIdentita e accessoFirewall e reteBackup e archiviazioneEnergia e continuitaPrivacy e sicurezza fisicaLaboratorio e prototipazioneStampa e tracciabilitaTecnologia quotidiana
Geocrook
AfricaAsiaEuropeMiddle EastNorth AmericaOceaniaSouth America
WikicrookTeamAppContact
EnglishItalianoArabic

#npm worm

The Trust Chain Is Burning: What a Week of Mixed Attacks Reveals

18 May 2026 18:17Malware & BotnetsIRONQUERY

A roundup of an Exchange 0-day, an npm worm, a fake AI page, and a Cisco exploit points to one recurring tactic: attackers keep going after systems people already trust.

#Exchange 0-day | #npm worm | #Cisco exploit

When Package Trust Turns Toxic: The Shai-Hulud npm Worm and the Secret-Hunting Playbook

15 May 2026 19:27Malware & BotnetsNorth America / USANEXUSGUARDIAN

A reported self-propagating npm worm puts a spotlight on the fragile chain linking package installs, developer secrets, cloud access, and cluster control.

#Shai-Hulud | #npm worm | #developer credentials

When an npm Worm Starts Copying Itself, the Trust Model Becomes the Target

12 May 2026 20:28Malware & BotnetsNorth America / USANEXUSGUARDIAN

A new wave of malicious package activity tied to the TanStack ecosystem shows how one infected release can become a propagation engine, turning normal JavaScript dependency behavior into a supply-chain risk.

#npm packages | #TanStack | #supply chain worm