https://cluster-site.onrender.com/tags/malicious/ Recent content in Malicious on Tenu Tech Brief Hugo -- 0.146.0 en-us Wed, 25 Feb 2026 17:44:48 +0000 https://cluster-site.onrender.com/posts/malicious-next.js-repos-target-developers-via-fake-job-interviews/ Wed, 25 Feb 2026 16:42:00 +0000 https://cluster-site.onrender.com/posts/malicious-next.js-repos-target-developers-via-fake-job-interviews/ • Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent access to infected machines https://cluster-site.onrender.com/posts/malicious-nuget-packages-stole-asp.net-data-npm-package-dropped-malware/ Wed, 25 Feb 2026 12:43:00 +0000 https://cluster-site.onrender.com/posts/malicious-nuget-packages-stole-asp.net-data-npm-package-dropped-malware/ • Malicious NuGet Packages Stole ASP • NET Data; npm Package Dropped Malware Cybersecurity researchers have discovered four malicious NuGet packages that are designed to target ASP https://cluster-site.onrender.com/posts/disrupting-malicious-uses-of-ai-february-2026/ Wed, 25 Feb 2026 00:00:00 +0000 https://cluster-site.onrender.com/posts/disrupting-malicious-uses-of-ai-february-2026/ • Our latest threat report examines how malicious actors combine AI models with websites and social platforms-and what it means for detection and defense https://cluster-site.onrender.com/posts/1campaign-platform-helps-malicious-google-ads-evade-detection/ Tue, 24 Feb 2026 21:45:05 +0000 https://cluster-site.onrender.com/posts/1campaign-platform-helps-malicious-google-ads-evade-detection/ • 1Campaign platform helps malicious Google ads evade detection February 24, 2026 04:45 PM 0 A newly identified cybercrime service known as 1Campaign is enabling threat actors to r https://cluster-site.onrender.com/posts/developer-targeting-campaign-using-malicious-next.js-repositories/ Tue, 24 Feb 2026 17:28:24 +0000 https://cluster-site.onrender.com/posts/developer-targeting-campaign-using-malicious-next.js-repositories/ • Microsoft Defender Experts identified a coordinated developer-targeting campaign delivered through malicious repositories disguised as legitimate Next.js projects and technical a https://cluster-site.onrender.com/posts/another-day-another-malicious-jpeg-mon-feb-23rd/ Mon, 23 Feb 2026 14:26:39 +0000 https://cluster-site.onrender.com/posts/another-day-another-malicious-jpeg-mon-feb-23rd/ • Another day, another malicious JPEG In his last two diaries, Xavier discussed recent malware campaigns that download JPEG files with embedded malicious payload[1,2]. • At that po https://cluster-site.onrender.com/posts/malicious-npm-packages-harvest-crypto-keys-ci-secrets-and-api-tokens/ Mon, 23 Feb 2026 10:20:00 +0000 https://cluster-site.onrender.com/posts/malicious-npm-packages-harvest-crypto-keys-ci-secrets-and-api-tokens/ • Cybersecurity researchers have disclosed what they say is an active ‘Shai-Hulud-like’ supply chain worm campaign that has leveraged a cluster of at least 19 malicious npm package https://cluster-site.onrender.com/posts/malicious-ai/ Thu, 19 Feb 2026 12:05:39 +0000 https://cluster-site.onrender.com/posts/malicious-ai/ • Malicious AI Summary: An AI agent of unknown ownership autonomously wrote and published a personalized hit piece about me after I rejected its code, attempting to damage my reput https://cluster-site.onrender.com/posts/an-update-to-the-malicious-crate-notification-policy-rust-blog/ Wed, 18 Feb 2026 14:35:25 +0000 https://cluster-site.onrender.com/posts/an-update-to-the-malicious-crate-notification-policy-rust-blog/ • ContentWeekly EditionArchivesSearchKernelSecurityEvents calendarUnread commentsLWN FAQWrite for us Weekly Edition Archives Search Kernel Security Events calendar Unread comments https://cluster-site.onrender.com/posts/an-update-to-the-malicious-crate-notification-policy-rust-blog/ Wed, 18 Feb 2026 14:35:25 +0000 https://cluster-site.onrender.com/posts/an-update-to-the-malicious-crate-notification-policy-rust-blog/ • ContentWeekly EditionArchivesSearchKernelSecurityEvents calendarUnread commentsLWN FAQWrite for us Weekly Edition Archives Search Kernel Security Events calendar Unread comments https://cluster-site.onrender.com/posts/update-chrome-now-zero-day-bug-allows-code-execution-via-malicious-webpages/ Tue, 17 Feb 2026 12:33:13 +0000 https://cluster-site.onrender.com/posts/update-chrome-now-zero-day-bug-allows-code-execution-via-malicious-webpages/ • Update Chrome now: Zero-day bug allows code execution via malicious webpages Google hasissueda patch for a high‑severity Chrome zero‑day, tracked asCVE‑2026‑2441, a memory bug in https://cluster-site.onrender.com/posts/over-300-malicious-chrome-extensions-caught-leaking-or-stealing-user-data/ Sat, 14 Feb 2026 12:00:00 +0000 https://cluster-site.onrender.com/posts/over-300-malicious-chrome-extensions-caught-leaking-or-stealing-user-data/ • Security researchers have discovered more than 300 Chrome extensions that leak browser data, spy on their users, or outright steal users’ data.Research focused on the analysis of https://cluster-site.onrender.com/posts/malicious-chrome-extensions-caught-stealing-business-data-emails-and-browsing-history/ Fri, 13 Feb 2026 11:25:00 +0000 https://cluster-site.onrender.com/posts/malicious-chrome-extensions-caught-stealing-business-data-emails-and-browsing-history/ • Cybersecurity researchers have discovered a malicious Google Chrome extension that’s designed to steal data associated with Meta Business Suite and Facebook Business Manager. • T https://cluster-site.onrender.com/posts/crates.io-an-update-to-the-malicious-crate-notification-policy/ Fri, 13 Feb 2026 00:00:00 +0000 https://cluster-site.onrender.com/posts/crates.io-an-update-to-the-malicious-crate-notification-policy/ • The crates.io team will no longer publish a blog post each time a malicious crate is detected or reported. • In the vast majority of cases to date, these notifications have invol https://cluster-site.onrender.com/posts/crates.io-an-update-to-the-malicious-crate-notification-policy/ Fri, 13 Feb 2026 00:00:00 +0000 https://cluster-site.onrender.com/posts/crates.io-an-update-to-the-malicious-crate-notification-policy/ • The crates.io team will no longer publish a blog post each time a malicious crate is detected or reported. • In the vast majority of cases to date, these notifications have invol https://cluster-site.onrender.com/posts/lazarus-campaign-plants-malicious-packages-in-npm-and-pypi-ecosystems/ Thu, 12 Feb 2026 16:55:00 +0000 https://cluster-site.onrender.com/posts/lazarus-campaign-plants-malicious-packages-in-npm-and-pypi-ecosystems/ • Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the Python Package Index (PyPI) repository linked to a fake recruitment-themed campaign https://cluster-site.onrender.com/posts/most-parked-domains-now-serving-malicious-content/ Tue, 16 Dec 2025 14:14:48 +0000 https://cluster-site.onrender.com/posts/most-parked-domains-now-serving-malicious-content/ • Direct navigation - the act of visiting a website by manually typing a domain name in a web browser - has never been riskier: A new study finds the vast majority of ‘parked’ doma https://cluster-site.onrender.com/posts/catching-malicious-package-releases-using-a-transparency-log/ Fri, 12 Dec 2025 12:00:00 +0000 https://cluster-site.onrender.com/posts/catching-malicious-package-releases-using-a-transparency-log/ • Catching malicious package releases using a transparency log We’re getting Sigstore’s rekor-monitor ready for production use, making it easier for developers to detect tampering https://cluster-site.onrender.com/posts/detecting-malicious-pull-requests-at-scale-with-llms/ Tue, 21 Oct 2025 00:00:00 +0000 https://cluster-site.onrender.com/posts/detecting-malicious-pull-requests-at-scale-with-llms/ • Callan Lamb Christoph Hamsen Julien Doutre Jason Foral Kassen Qian At Datadog, weâve embraced coding assistants because they help us ship features faster, cut down on repetitive