AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
Infosecurity Magazine

Vidar Stealer 2.0 Exploits GitHub, Reddit to Deliver Malware via Fake Game Cheats

Hundreds of GitHub repositories seemingly offering “free game cheats” deliver malware, including the Vidar infostealer, ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

FBI seeks victims of Steam games used to spread malware

The FBI is asking gamers who installed Steam titles containing malware to provide information as part of an ongoing investigation into eight malicious games uploaded to the gaming platform.
The Hacker News

Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials

Storm-2561 spreads fake VPN installers via SEO poisoning and GitHub downloads, stealing enterprise VPN credentials with Hyrax malware.
Mashable

Your Instagram account may have been compromised by hackers, too

The biggest stories of the day delivered to your inbox.