Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware

Blog

Byadmblake May 18, 2026

Cybersecurity researchers have discovered four new npm packages containing information-stealing malware, one of which is a clone of the Shai-Hulud worm open-sourced by TeamPCP. The list of identified packages is below – chalk-tempalte (825 Downloads) @deadcode09284814/axios-util (284 Downloads) axois-utils (963 Downloads) color-style-utils (934 Downloads) “One of the packages (chalk-tempalte)

chalk-tempalte (825 Downloads)
@deadcode09284814/axios-util (284 Downloads)
axois-utils (963 Downloads)
color-style-utils (934 Downloads)

“One of the packages (chalk-tempalte)

Blog

How Neuroscience Can Help Us Battle ‘Alert Fatigue’

By understanding the neurological realities of human attention, organizations can build more sustainable security operations that protect not only their digital assets but also the well-being of those who defend them.

Read More How Neuroscience Can Help Us Battle ‘Alert Fatigue’
Blog

Implementing Secure by Design Principles for AI

Harnessing AI’s full transformative potential safely and securely requires more than an incremental enhancement of existing cybersecurity practices. A Secure by Design approach represents the best path forward.

Read More Implementing Secure by Design Principles for AI
Blog

VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches

Broadcom has released security updates to address three actively exploited security flaws in VMware ESXi, Workstation, and Fusion products that could lead to code execution and information disclosure. The list of vulnerabilities is as follows – CVE-2025-22224 (CVSS score: 9.3) – A Time-of-Check Time-of-Use (TOCTOU) vulnerability that leads to an out-of-bounds write, which a malicious…

Read More VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches
Blog

U.S. Treasury Lifts Sanctions on Three Individuals Linked to Intellexa and Predator Spyware

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Tuesday removed three individuals linked to the Intellexa Consortium, the holding company behind a commercial spyware known as Predator, from the specially designated nationals list. The names of the individuals are as follows – Merom Harpaz Andrea Nicola Constantino Hermes Gambazzi Sara…

Read More U.S. Treasury Lifts Sanctions on Three Individuals Linked to Intellexa and Predator Spyware
Blog

RansomHub Taps FakeUpdates to Target US Government Sector

A ransomware activity wave using the SocGholish MaaS framework for initial access also has affected banking and consulting firms in the US, Taiwan, and Japan since the beginning of the year.

Read More RansomHub Taps FakeUpdates to Target US Government Sector
Blog

CISA: Ivanti Vulns Chained Together in Cyberattack Onslaught

The threat actors are abusing the vulnerabilities to gain initial access, obtain credentials, and install malicious scripts on user devices.

Read More CISA: Ivanti Vulns Chained Together in Cyberattack Onslaught

Related