TidBITS

DarkSword Exploit Threatens iPhones Still Running iOS 18

Security researchers have discovered DarkSword, a sophisticated exploit chain targeting iOS 18.4 through 18.7.2. Unlike past spyware aimed at high-profile targets, DarkSword is being surreptitiously ...

"CanisterWorm" supply chain malware attacks npm

A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, worm-like malware across dozens of packages, security firms say. Named CanisterWorm ...

iPhone users in South Africa a prime target

Phone users in South Africa have become potentially lucrative targets to cybercriminals using a new attack called “DarkSword.” ...
Cyber Daily

Code security platform Trivy compromised by malicious packages

Unidentified threat actors have successfully compromised the GitHub repository for “all-in-one” security scanner Trivy, pushing a malicious update to downstream users that can deploy an infostealer.