TeamPCP Breaches GitHub via Poisoned VS Code Extension
TeamPCP stole 3,800 GitHub internal repos via a malicious Nx Console update live for just 11 minutes, tracing back to the TanStack supply chain compromise.
Articles Tagged "Malware"
LiteLLM Compromised: Credential Stealer in PyPI Package
LiteLLM versions 1.82.7 and 1.82.8 contain a credential-stealing payload that exfiltrates SSH keys, cloud credentials, and crypto wallets to a lookalike domain. The package has 97 million monthly downloads.
Hundreds of LLM-Written GitHub Repos Are Malware
We ran the GitHub search query from a researcher's blog post and confirmed 300+ malicious repositories with AI-generated READMEs distributing info-stealers - with the real number likely north of 1,000.
RoguePilot - How a Hidden Comment in a GitHub Issue Could Steal Your Entire Repository
Orca Security reveals RoguePilot, a supply chain attack that weaponizes GitHub Issues to hijack Copilot in Codespaces and exfiltrate repository tokens.
Criminals Are Vibe-Coding Malware Now - The First Samples Are Worse Than You Think
From a ransomware that accidentally destroys its own decryption keys to an 88,000-line Linux framework built by one person in a week - AI-generated malware is here, and its fingerprints are unmistakable.
OpenAI Rebrands Aardvark as Codex Security, Adds Malware Analysis
OpenAI's agentic security researcher Aardvark is now Codex Security, with a new malware analysis pipeline that lets users upload samples, run automated analysis, and pull structured reports.
The #1 Skill on OpenClaw's Marketplace Was Malware: Inside the ClawHub Supply Chain Attack
1,184 malicious skills were found on OpenClaw's ClawHub marketplace - stealing SSH keys, crypto wallets, browser passwords, and opening reverse shells. One attacker uploaded 677 packages alone. The #1 ranked skill had 9 vulnerabilities and was downloaded thousands of times.
Your AI Assistant Is a Backdoor: Researchers Turn Copilot and Grok Into Malware Command Channels
Check Point Research demonstrates how Microsoft Copilot and xAI's Grok can be hijacked as covert command-and-control proxies, blending malware traffic with legitimate AI usage.
