RSS aggregator
Official Red Hat NPM accounts have been compromised and used to push a malicious worm that spreads from machine to machine, where it pilfers sensitive credentials in hopes of stealing yet more confidential data, researchers said.
The supply-chain attack began Monday and remained active at the time this post went live, according to researchers at security firm Aikido. It’s the result of the threat actor responsible for the hack taking control of @redhat-cloud-services, a legitimate channel in the npm repository that’s reserved for official Red Hat packages. As such, the channel is widely trusted by developers who rely on Red Hat cloud services.
The vicious cycle of today’s supply-chain attacks
It’s unclear precisely how the threat actor took control of the namespace, but it almost certainly involved the compromise of credentials required to access it, possibly through a previous supply-chain attack. More than 30 packages seem to be affected.
The biggest threat to America’s midterm elections in November likely isn’t foreign attackers hacking US voting machines. Phishing and election-official impersonation are the bigger risks, according to Check Point, which documented more than 5,000 election-themed domains registered between April and May. These domains can be used by attackers for phishing, impersonation, fraud, misinformation, or influence activity, especially when coupled with about 17,000 exposed credentials associated with fundraising orgs, political parties, and government-related services also spotted by the security shop’s intelligence arm in May. "Election-related domains and leaked credentials represent two sides of the same problem: infrastructure and access," Danielle Hess, a cyber threat intelligence analyst at Check Point Software, told The Register. "A rise in election-themed domains not only creates more potential infrastructure that could be abused for phishing or impersonation, but also reflects a growing election-related ecosystem with more organizations, accounts, and users that can be targeted," Hess said. "When combined with a large pool of exposed credentials, attackers have more opportunities to conduct convincing and scalable election-related operations." Plus, AI gives phishing, impersonation, election misinformation and other scam operations a massive boost, making them faster, cheaper, and easier to scale. The uptick in election-related threats follows the Trump administration’s efforts to gut America’s lead cyber-defense agency and decimate its efforts to combat election-related fraud, while slashing its budget and workforce, and cutting all federal funding for the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC). According to a Monday report, Check Point has been monitoring registered domains and documented about 1,300 containing the keyword “election” and 2,957 containing “vote” in January. 
Three months later, between April 13 and May 14, about 1,140 newly registered domains contained the word "election," while the number containing "vote" had climbed to about 4,010. While simply registering a domain doesn’t guarantee it will be used for malicious purposes, such domains are often used for phishing pages that impersonate voter info sites or candidates themselves, and campaign donation scams, and misinformation sites designed to look like official election communications. Along these lines, the security shop documented thousands of leaked credentials in May linked to fundraising and political party websites including about 9,500 ActBlue.com (Democrats’ fundraising site) compromised credentials, 6,500 leaked WinRed.com (Republican fundraising) credentials, plus 600 from the official Republican gop.com website, 130 from democrats.org, and 150 leaked usa.gov citizen services’ site credentials. Hess told us that "it's important to note that the credential statistics reflect credentials identified on Check Point's External Risk Management (ERM) platform as of May 2026 and are not limited to credentials that were necessarily stolen or leaked during May 2026 itself." As the reports point out, the credential leaks aren't limited to one political party or specific campaigns. “Individual political campaign domains showed little to no observed credential exposure across a sample of swing-state candidates from both major political parties, reinforcing that current exposure is concentrated in centralized platforms rather than campaign-specific infrastructure,” according to the report. “A single campaign domain stood out as an exception, with around 90 leaked credentials identified,” the report continued. "The campaign domain referenced was associated with candidate Tom Kean," Hess said, referring to Rep. Tom Kean Jr. (R-NJ). 
"However, it's important to note the credentials were identified within infostealer malware logs, which typically reflect opportunistic compromise rather than deliberate targeting of a specific campaign. While not indicative of direct targeting, the presence of these credentials may still pose a security risk if associated accounts remain active or reused.” In addition to the political org-related credential exposure, voter information is also appearing across dark web forums ahead of the November midterms. This includes a January 30 BreachForums post advertising data - being given away for free - tied to the Fremont County, Colorado election division. The data dump included names, email addresses, IP address data, and election-related portal submission information. On April 26, the threat hunters spotted a post on criminal forum Spear[.]cx, claiming to offer a multi-state US voter database covering more than two dozen states and Washington, DC. ®
Multiple Dashlane users have been locked out of their accounts following brute-force attacks that attempted logins from distant locations and unknown devices. [...]
June is lighter on big releases, but only because publishers around the world will unveil their anticipated titles in its opening weeks. Even while watching Summer Game Fest and other conferences, though, we will have something to play.
We took the weekly charts of the most-downloaded films appearing on torrents and merged them into a single ranking. These are currently the films in greatest demand worldwide, the ones pirated the most.
A new Mini Shai-Hulud supply chain attack campaign, codenamed Miasma, has compromised @redhat-cloud-services packages to steal credentials and secrets from developer machines and deliver a self-propagating worm.
"This is effectively a Mini Shai-Hulud campaign: it uses the same core tactics of install-time execution, credential harvesting, CI/CD targeting, encrypted exfiltration, and potential
Ravie Lakshmanan
At its NVIDIA GTC Taipei 2026 conference, Nvidia unveiled a number of new products. Together with Microsoft, it introduced the NVIDIA RTX Spark superchip (up to 6,144 GPU cores, 20 CPU cores, 1 petaflop of AI performance in FP4, and 128 GB of unified memory). The first laptops and desktops with this chip from Nvidia, rather than Intel or AMD, should reach the market this autumn.
With one exception, all real-estate funds easily beat inflation in 2025. Most earned around 5–8%, and the best exceeded 20%.
Nearly 2,000 WordPress websites were infected with malware that relies on Steam Community profile comments to hide command-and-control (C2) data. [...]
The wrong IPS rule can look like a security fix right up until it becomes an outage.
Dell is introducing a new generation of cheaper devices that do not cut corners in the wrong places. • The XPS 13 has a premium display, all-day battery life, biometrics and a backlit keyboard. • Dell is taking on the MacBook Neo directly; the company itself names it as a rival.
Apple will open the doors to developers at its Worldwide Developer Conference (WWDC) next week. Beyond a big push on AI and new OSes focused on stability and performance, what should developers expect? Mostly it’s about new APIs, Foundation Models, and App Intents; here’s what I’ve been able to figure out so far.
Foundation Models
Apple has been building new Apple Intelligence APIs. One way it is achieving this is to take models made with Google Gemini, then distill and shrink them to fit inside (and run on) its devices. The progression will be to introduce these as a new crop of Foundation models developers can use in their apps. There’s more:
- New APIs mean developers will be able to run Apple Intelligence tools such as summarization directly on the customer device, all offline, all private.
- Developers that use Apple’s standard text editing/entry views will gain access to improved Apple-developed tools inside their apps without custom-coding.
- Because intelligence takes place on the user’s device, neither developers nor users will need to pay for those AI tokens. This is a distinct cost and privacy-saving advantage for customers and developers.
App Intents: The next generation
Apple continues on its quest to convince developers to make features of their apps available for use via Siri with App Intents. Doing so requires developers to wrap their apps into semantic structures, enabling speech/text-based interaction. To help them achieve this, Apple is expected to introduce a complete redesign of its App Intents framework.
Speak as you wish
While users must say “Hey Siri” to invoke its attention today, the assistant will respond more dynamically to natural language. Combined with App Intents, that means users should be able to ask Siri to use a combination of apps to make things happen on the device.
A developer might build a travel app that can take an itinerary and hand it across to a budgeting tool, for example. The idea is that with a spoken or typed command, a person will be able to call on a collection of apps to identify the destination, create an itinerary, put together a to-do list, prepare relevant letters or emails, and assemble a budget — all invoked by the original command.
What about context?
We’re expecting Siri to become better at using the content of your screen, location, and other personal data as it seeks to provide more contextualized responses. We don’t yet know the extent or form in which Apple will make that information available to third-party developers to help contextualize their own apps. Apple’s focus on privacy matters a great deal, as does its relationship with regulators, some of whom will demand that data made available to Apple’s own apps be made available to third-party apps. These are important matters for Apple, app developers, and customers who want the convenience of AI without loss of privacy.
More consistent UI tools on Swift
Swift should get better at migrating legacy code, but the big speculation around it concerns Liquid Glass. Will Swift make it easier for developers to build consistent user interfaces that work properly across all Apple’s platforms? If it does, then it will help overcome one of the big criticisms of Apple’s liquid-inspired UI. Swift will also usher in the tools developers need to support agentic application coding.
Better vibes for Xcode
Vibe coding is everywhere, including within Xcode, which is expected to gain improved contextual and predictive understanding to help boost developer productivity. Xcode could also introduce improved real-time architectural debugging hints, aiming to make it easier for developers to build bug-free apps.
A Mac you can wear: Vision OS
All the AI enhancements made available across Apple’s other products will also be offered to visionOS. That access takes the headset another step closer to becoming the Mac you wear like sunglasses.
Elsewhere
- A new Camera API means developers can build specialized, interactive buttons that users can deploy directly within the native iOS Camera interface. This should be a great way to use more sophisticated camera apps more naturally.
- Wallet Pass means apps will be able to ingest things like barcodes or gym passes for use within Wallet.
- Icon Composer might offer more tools designed to promote consistency.
Intel finally retires
Apple will abandon Intel support in macOS 27, which means developers will likely end support for legacy Intel applications in response.
After the gold rush
Once the lights go down on WWDC, Apple’s real test will be to see if its announcements help make AI useful, private, and affordable to developers and their customers. After all, if Apple gets AI right on a platform basis, it should be able to offer the kind of on-device intelligence no one else can match, at no charge to developers or users — a move that might yet kick-start AI innovation across its platforms. This will provide a moat around the Apple ecosystem, inside which developers can explore new potentials for AI to give customers the tools they need at costs they can afford.
Vivaldi is the spiritual successor to the good old Opera. • It is a browser for advanced users who are not afraid to spend hours tuning every detail. • No other browser offers more configuration options.
Microsoft says an ongoing incident is preventing users of its Teams collaboration platform and Office for the web cloud-based productivity suite from opening files. [...]
Grand Theft Auto cheat users have discovered that even the people selling ways around the rules struggle to follow some basic security ones. According to breach notification site Have I Been Pwned, the operators of Atlas Menu, a cheat service for Grand Theft Auto V and Counter-Strike 2, suffered a data breach in May that exposed information belonging to tens of thousands of users after an attacker allegedly gained access to the service's systems and dumped its database online. The breach exposed 64,000 unique email addresses, according to HIBP. The leaked data also included usernames, IP addresses, support tickets, and passwords stored as bcrypt hashes. The individual who claimed responsibility for the breach published the stolen database to a public GitHub repository, claiming to have gained access to "all Atlas systems" before extracting customer records, support conversations, menu license keys, signup dates, and Rockstar Games account identifiers. The data, reviewed by The Register, also appears to include lists of thousands of banned users, administrator logs, and other internal records. Posts discussing the breach on Reddit suggest this was not Atlas Menu's first security incident, but users said the latest leak appears to contain significantly more sensitive information than previous disclosures. Anyone signing up for a GTA cheat service probably wasn't expecting privacy guarantees. Even so, having your email address leaked is one thing. Having support tickets, account identifiers, and purchase records dumped onto GitHub is another. The Atlas breach comes weeks after Rockstar Games was pulled into a separate data leak claimed by ShinyHunters. In that case, the extortion crew alleged it had accessed Rockstar data through cloud cost-monitoring platform Anodot and threatened to publish the information unless its demands were met. Atlas users now have their own security headache to deal with. 
Whether they're more concerned about the leaked database or the screenshot-spying allegation will likely depend on what they were doing while the software was running. ®
Attackers are exploiting vulnerabilities faster than many organizations can identify and patch them. SecAlerts explains why faster vulnerability alerts can help reduce exposure and improve response times. [...]
Monday hit like a cron job with anger issues.
A busted auth path here, a repo-side faceplant there, some "patched-ish" thing already getting chewed on in the wild, and then the usual bonus round: poisoned dev tools, sketchy forum chatter, phishing kits pretending to be productivity, and AI lowering the bar for people who already thought 'curl | sh' had a personality.
The vibe is simple: old