ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories
The internet did not break this week. It got used exactly as designed, which is worse
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The internet did not break this week. It got used exactly as designed, which is worse
Rough Monday
The first ThreatsDay Bulletin of 2026 lands on a day that already feels symbolic — new year, new breaches, new tricks. If the past twelve months taught defenders anything, it’s that threat actors don’t pause for holidays or resolutions. They just evolve faster. This week’s round-up shows how subtle shifts in behavior, from code tweaks to job scams, are rewriting what “cybercrime” looks like in
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that targets Apple macOS systems with the goal of stealing users' Google Cloud credentials from a narrow pool of victims
The campaign is laser-targeted, bucking the trend of "spray-and-pray" malicious open source packages turning up in code repositories seemingly every other day.
The Iranian nation-state actor known as TA453 has been linked to a new set of spear-phishing attacks that infect both Windows and macOS operating systems with malware
The CloudMensis spyware, which can lift reams of sensitive information from Apple machines, is the first Mac malware observed to exclusively rely on cloud storage for C2 activities.
Cybersecurity researchers have taken the wraps off a previously undocumented spyware targeting the Apple macOS operating system
ESET discovery highlights new targeted espionage campaign
Researchers have disclosed details of a newly discovered macOS variant of a malware implant developed by a Chinese espionage threat actor known to strike attack organizations across Asia
Researchers have discovered a previously unknown macOS malware variant called GIMMICK, which is believed to be a custom tool used by a Chinese espionage threat actor known as 'Storm Cloud.' [...]