Resources

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

The threat actors behind the supply chain attack targeting the popular Trivy scanner are suspected to be conducting follow-on attacks that have led to the compromise of a large number of npm packages with a previously undocumented self-propagating worm dubbed CanisterWorm.
The name is a reference to the fact that the malware uses an ICP canister, which refers to tamperproof smart contracts on

Related resources

30 August 2025

WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices

WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a recently […]

12 April 2026

CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads

Unknown threat actors compromised CPUID (“cpuid[.]com”), a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor, for less than 24 hours to serve malicious executables for […]

3 March 2026

Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations

Threat hunters have called attention to a new campaign as part of which bad actors masqueraded as fake IT support to deliver the Havoc command-and-control (C2) framework as a precursor […]

Friday Squid Blogging: Jumbo Flying Squid in the South Pacific

FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks

Resources

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

Related resources

WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices

CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads

Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations

Links

Enterprise Solutions

SMB Solutions

Contact Us

Follow Us