Shai-Hulud variant compromises dozens of open-source Microsoft packages.
ID: 00b1ad5b-2d6d-53d9-bc51-cffcc8af75ed
STIX ID: report--00b1ad5b-2d6d-53d9-bc51-cffcc8af75ed
Feed Name: The CyberWire
This CyberWire roundup reports several high-impact incidents: a trojanized variant (Miasma/Mini Shai-Hulud) compromised at least 73 signed Microsoft open-source packages to steal credentials; Microsoft released patches for a record 200 vulnerabilities including multiple zero-days and public exploit releases; Check Point fixed an actively exploited VPN zero-day (CVE-2026-50751) tied to a Qilin ransomware affiliate; Meta disclosed a bug in its AI support tool that enabled takeover of more than 20,000 Instagram accounts; and Meta filed contempt proceedings against NSO Group for continued targeting of WhatsApp users.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
