#Malware
4 posts
Axios npm compromise pushed a cross-platform RAT through a fake dependency
Axios npm compromise pushed a cross-platform RAT through a fake dependency A compromise of the widely used axios package on npm shows why defenders cannot rely...
April 1, 2026
5 min read
Lucas Oliveira
Research
Trivy GitHub Action compromise exposed CI/CD secrets in a stealth supply-chain attack
Trivy GitHub Action compromise exposed CI/CD secrets in a stealth supply-chain attack A supply-chain compromise in Aqua Security’s aquasecurity/trivy-action sho...
March 22, 2026
4 min read
Lucas Oliveira
Research
GlassWorm Shifts to Transitive Open VSX Dependencies in Developer Supply-Chain Push
GlassWorm Shifts to Transitive Open VSX Dependencies in Developer Supply-Chain Push GlassWorm is no longer just a story about obviously malicious extensions. Th...
March 21, 2026
5 min read
Lucas Oliveira
Research
Slopoly Shows How AI-Generated Malware Is Entering Ransomware Operations
Slopoly Shows How AI-Generated Malware Is Entering Ransomware Operations | 2026 Executive Summary IBM X-Force says a ransomware-linked intrusion involved a like...
March 17, 2026
4 min read
Lucas Oliveira
Research