Decrypt

Shai-Hulud: What to Know About the Malware Spreading Through Software Pipelines

The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.
CoinDesk

The $293 million KelpDAO hack shows why DeFi is finally being forced to grow up

For protocol founders and security researchers, the incident reinforced a broader shift underway across crypto: DeFi is no longer primarily battling coding bugs. It’s battling complexity.
Microsoft

Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft

Hulud payload to steal CI/CD secrets from Linux-based automation environments. The malware executes during npm install and ...
Decrypt

Apple Mac M5 System Exploited With Anthropic's Claude Mythos AI, Researchers Claim

Security startup Calif says researchers used a preview version of Anthropic's Claude Mythos AI to help build an Apple macOS ...
BeInCrypto

Echo Protocol Joins THORChain, Verus as May Hack Count Reaches 14

An attacker has minted 1,000 eBTC on Echo Protocol's Monad bridge, then routed over $800,000 in stolen ETH through Tornado ...

Forcepoint details TeamPCP supply chain attack that turned LiteLLM into a credential stealer

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that ...
Microsoft

Exposing Fox Tempest: A malware-signing service operation

Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other ...
GitHub

An Agentic System for Scalable Articulated 3D Asset Generation.

Articraft transforms the creation of articulated 3D assets into a programmatic, code-generation workflow powered by LLMs. Engineered for large-scale dataset generation, it bypasses heavyweight manual ...