LIVE NEWSROOM · May 23, 2026
A LIBRARY FOR SECURITY RESEARCHERS

Threat intel, decoded & skills sharpened.

Daily breach reporting, CVE deep-dives, and hands-on hacking tutorials — written by practitioners for the analysts, defenders, and learners who actually do the work.


282+ ARTICLES PUBLISHED
Daily THREAT UPDATES
2021 TRUSTED SINCE

Latest News


Megalodon: Supply Chain Attack Backdoors 5,561 GitHub Repos in Six Hours via CI/CD Workflow Injection

High·May 23, 2026·3.5k views·8 min read

Megalodon supply chain attack compromised 5,561 GitHub repos in 6 hours on May 18, injecting malicious CI/CD workflows that steal AWS, GCP, Azure keys and SSH secrets.

Stolen Gemini API Keys and AI Fraud: How 'Quantum Patriot' Drained Crypto Wallets via Fake QAnon Content

High·May 23, 2026·4.1k views·8 min read

A Russian-speaking fraudster used 73 stolen Gemini API keys and an automated Python pipeline to generate fake QAnon content, distribute wallet-draining malware, and compromise 29 WordPress sites.

Stack String Obfuscation in C: The Technique That Blinds AV, YARA, and Static Scanners

Medium·May 23, 2026·1.8k views·10 min read

Stack strings let malware hide C2 URLs and API names from static analysis. Learn how the technique works in C, which real malware uses it, and how defenders detect it with FLOSS and objdump.

YARA-X 1.16.0: Faster Scans, Panic Fixes, and Neovim LSP Support

Medium·May 12, 2026·2.1k views·7 min read

YARA-X 1.16.0 ships with performance improvements across 10 PRs, constant folding for bitwise ops, configurable match context, and two panic-condition bugfixes.

Instructure Removed from ShinyHunters' Leak Site as Canvas Breach Deadline Passes

High·May 12, 2026·2.7k views·8 min read

Instructure was quietly removed from ShinyHunters' extortion site after the May 12, 2026 deadline — no data dump, no explanation, no ransom confirmation.

Costa Rica Joins Have I Been Pwned as the 42nd Government

Medium·May 12, 2026·2.0k views·7 min read

Costa Rica's CSIRT gains free access to Have I Been Pwned's government domain monitoring service, becoming the 42nd nation in the global breach visibility program.

LummaC2 Infostealer Targets US Critical Infrastructure: CISA-FBI Advisory AA25-141B and DOJ Domain Seizures

Critical·May 12, 2026·4.8k views·8 min read

CISA and FBI advisory AA25-141B details LummaC2 MaaS infostealer TTPs targeting critical infrastructure. DOJ seized 2,300 domains. Detection and mitigation guide.

MacSync Stealer: Hackers Abuse Google Ads and Claude.ai Chats to Push Mac Malware

High·May 12, 2026·2.4k views·9 min read

Russian-speaking attackers combine Google Ads and Claude.ai shared chats in a ClickFix campaign deploying MacSync Stealer infostealer on macOS. Over 200 malicious ads active.