Shai-Hulud variant compromises dozens of open-source Microsoft packages.
ID: 64e8b95b-d6e1-5a0a-b74d-c93d288ecff0
STIX ID: report--64e8b95b-d6e1-5a0a-b74d-c93d288ecff0
Feed Name: The CyberWire
This report covers three active incidents: (1) the Miasma variant trojanized at least 73 Microsoft-signed open-source packages to execute credential-stealing code when repositories are opened in certain AI coding tools, prompting package takedowns and recommendations to revoke/rotate keys and tokens; (2) Check Point released patches for an actively exploited VPN zero-day (CVE-2026-50751) impacting IKEv1 deployments, used in attacks linked to a Qilin ransomware affiliate; and (3) the French government's Tchap messaging platform was breached, exposing public forum messages for roughly 73,467 agents (and a claimed ~640,000 messages), while private encrypted conversations reportedly remained protected.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
