#cybersecurity #5G #tech
The introduction of 5G has been one of the most significant infrastructure shifts in recent times.
The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repositories, and extensions across GitHub, npm, and VSCode/OpenVSX.
Researchers at Aikido, Socket, Step Security, and the OpenSourceMalware community have collectively identified 433 compromised components this month in attacks attributed to GlassWorm.
Evidence of a single threat actor running the GlassWorm campaigns across multiple open-source repositories is provided by the use of the same Solana blockchain address used for command-and-control (C2) activity, identical or functionally similar payloads, and shared infrastructure.
The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories.
“The attack targets Python projects — including Django apps, ML research code, Streamlit dashboards, and PyPI packages — by appending obfuscated code to files like setup.py, main.py, and app.py,” StepSecurity said. “Anyone who runs pip install from a compromised repo or clones and executes the code will trigger the malware.”
According to the software supply chain security company, the earliest injections date back to March 8, 2026. Upon gaining access to the developer accounts, the attackers rebase the latest legitimate commits on the default branch of the targeted repositories with malicious code and then force-push the changes, while keeping the original commit’s message, author, and author date intact.
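A triage check for the history rewrite described above, added here as an example and not taken from StepSecurity or the projects involved: a rebase normally keeps a commit's author date but stamps a new committer date, so a large gap between the two on the default branch is worth a review. The 24-hour threshold, the function names and the sample log are assumptions; legitimate rebases and cherry-picks also produce gaps, and committer dates can be set explicitly, so the absence of a gap proves nothing.

```python
"""Flag commits whose committer date is much later than their author date.

Input is the output of this command, run in the repository under review:
    git log --format='%H%x09%at%x09%ct%x09%s' origin/HEAD
(%at = author timestamp, %ct = committer timestamp, %s = subject)
"""
from datetime import timedelta

# Constructed sample: hashes, timestamps and subjects are made up.
SAMPLE_LOG = "\n".join([
    "a" * 40 + "\t1772000000\t1772000000\tFix typo in README",
    "b" * 40 + "\t1771000000\t1773100000\tUpdate setup.py metadata",
    "c" * 40 + "\t1770000000\t1770000600\tAdd CI workflow",
    "not a log line",
])


def find_date_gaps(log_text, max_gap_seconds=86400):
    """Return (hash, gap_seconds, subject) for commits re-committed long after authoring."""
    hits = []
    for line in log_text.splitlines():
        # maxsplit=3 keeps any tab characters inside the subject intact
        parts = line.split("\t", 3)
        if len(parts) != 4:
            continue  # blank or malformed line
        commit, author_ts, commit_ts, subject = parts
        try:
            gap = int(commit_ts) - int(author_ts)
        except ValueError:
            continue  # timestamps were not integers
        if gap > max_gap_seconds:
            hits.append((commit, gap, subject))
    return hits


def format_hit(hit):
    """Render one finding as a short review line."""
    commit, gap, subject = hit
    return f"{commit[:12]} committed {timedelta(seconds=gap)} after authoring: {subject}"


if __name__ == "__main__":
    for hit in find_date_gaps(SAMPLE_LOG):
        print(format_hit(hit))
```

Flagged commits still need a manual diff of files such as setup.py, main.py and app.py against a known-good clone before drawing any conclusion.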
Last week’s cyberattack on medical technology giant Stryker was limited to its internal Microsoft environment and remotely wiped tens of thousands of employee devices.
The organization says in an update on Sunday that all its medical devices are safe to use but electronic ordering systems remain offline, and customers must place orders manually through sales representatives.
Stryker emphasizes that the incident was not a ransomware attack and that the threat actor did not deploy any malware on its systems.
Engineers at UNSW Sydney and Monash have developed an innovative way of sending hidden information that’s hard to intercept. Using a phenomenon known as “negative luminescence,” the system works by making signals blend perfectly into the background of natural heat radiation, such as can be seen with a thermal camera.
To outside observers, it looks like no data is being sent at all. Only a receiver with the right equipment can pick up the hidden message.
Because the very act of communication is invisible, the method makes signals almost impossible to intercept or hack. That means it could one day offer a powerful new security tool for sensitive communications in fields like defense and finance.