%term

Mini Shai-Hulud Hits @antv: 323 npm Packages Compromised Through the atool Maintainer Account

May 19, 2026 By Alina Podoba In Mend

An active supply chain attack has compromised 323 npm packages published under the atool npm maintainer account. The wave sweeps the entire @antv data-visualization organization alongside standalone libraries with wide independent adoption: echarts-for-react, timeago.js, size-sensor, and canvas-nest.js. With echarts-for-react pulling roughly 1.1 million weekly downloads, any project that auto-updates these packages is in scope.

Read Post

Mend

Read more about Mini Shai-Hulud Hits @antv: 323 npm Packages Compromised Through the atool Maintainer Account

The AntV Supply Chain Campaign Expands: Microsoft's `durabletask` PyPI Package Compromised

May 19, 2026 By Liran Tal In Snyk

The ink was barely dry on our coverage of the AntV Shai Hulud supply chain attack when a new compromise surfaced in the Python ecosystem. The target this time is durabletask, an open source Python package associated with Microsoft, used for building durable, fault-tolerant workflow orchestration on top of the Durable Task Framework. The latest safe version of durabletask is 1.4.0, and three known versions have been yanked from the PyPI registry.

Read Post

Snyk

Read more about The AntV Supply Chain Campaign Expands: Microsoft's `durabletask` PyPI Package Compromised

Kevin Mandia on AI-Powered Attacks: The Race Just Got Faster | Black Hat | Reach Security

May 19, 2026 By Reach Security In Reach Security

At Black Hat last year, we sat down with Kevin Mandia to talk about what's coming. His take: offense is going to accelerate with AI. Not slow down. Not plateau. Accelerate. When you've run more red teams than practically anyone on the planet, the pattern is clear. Getting into a victim network is already a race. AI compresses those time frames further. The attack surface isn't changing. Misconfigurations, things that slipped, controls that were on and got turned off. The entry point stays the same. AI just makes the race to exploit it faster.

View Video

Reach Security

Read more about Kevin Mandia on AI-Powered Attacks: The Race Just Got Faster | Black Hat | Reach Security

DDoS Attack Prevention: 15 Best Practices to Stop Attacks in 2026

May 18, 2026 By Venkatesh Sundar In Indusface

DDoS attacks cost businesses an average of $6,130 per minute in downtime losses. According to the Indusface State of Application Security 2026 report, 70% of all websites faced at least one DDoS attack in 2025, attacks per website grew 27% year over year, and APIs were targeted 675% more than traditional websites.

Read Post

Indusface

Read more about DDoS Attack Prevention: 15 Best Practices to Stop Attacks in 2026

Mini Shai-Hulud: The Most Sophisticated NPM Supply Chain Attack of 2026

May 18, 2026 By Snyk In Snyk

On May 11, 2026, the TanStack namespace was hit by a "Mini Shai-Hulud" supply chain attack. Unlike typical attacks, this did not involve stolen credentials; instead, the threat group TeamPCP hijacked the legitimate GitHub Actions release pipeline. This video covers the technical details of the OIDC token extraction, the "Dead Man's Switch" that triggers a rm -rf / upon credential revocation, and the mandatory remediation order you must follow to save your data. We also discuss how to harden your workflow using release-age cooldowns and OIDC pinning.

View Video

Snyk

Read more about Mini Shai-Hulud: The Most Sophisticated NPM Supply Chain Attack of 2026

What We Can Learn From the MoD Data Breach Attack

May 18, 2026 By SecuritySenses In SecuritySenses

The recent Ministry of Defence (MoD) data breach has raised serious concerns about cyber security, data protection and public trust. The attack exposed the personal details of thousands of serving and former armed forces personnel, including names, bank details, addresses and National Insurance numbers. Reports suggest that hackers gained access through a third-party payroll contractor linked to the MoD.

Read Post

SecuritySenses

Read more about What We Can Learn From the MoD Data Breach Attack

Prompt Analysis for AI Attack Detection: Four Signal Categories, Three Blind Spots, One Correlation Layer

May 17, 2026 By Yossi Ben Naim In ARMO

At 2:47 PM on a Tuesday, a customer support agent receives a routine ticket asking about return policy edge cases. The agent retrieves a section from your internal policy wiki through RAG to formulate the response. Three weeks earlier, an attacker had planted a hidden instruction in that wiki page. Bedrock Guardrails scored the retrieved context at 0.04 — well within benign range.

Read Post

ARMO

Read more about Prompt Analysis for AI Attack Detection: Four Signal Categories, Three Blind Spots, One Correlation Layer

DDoS Protection for Healthcare: Uptime, Compliance, and Patient Safety

May 15, 2026 By Vinugayathri Chinnasamy In Indusface

Healthcare absorbed ~24 million attacks in 2025, a 115% increase year over year, according to the Indusface State of Application Security 2026 report. DDoS alone grew 39% across the sector. But disruption here is not just about lost revenue or downtime. When systems go dark, emergency rooms divert patients, doctors lose access to electronic health records, and appointments are cancelled.

Read Post

Indusface

Read more about DDoS Protection for Healthcare: Uptime, Compliance, and Patient Safety

AI Agent Attack Detection: The Complete Framework for Security Teams

May 15, 2026 By Shauli Rozen In ARMO

It usually starts the same way. The CISO comes back from a board meeting having signed off on agentic AI for production. The SOC lead is told, in roughly that many words, to build detection for the agents. And the security stack she has — CNAPP for posture, EDR on the nodes, container runtime sensors, a SIEM ingesting everything — was architected before AI agents existed as a workload class.

Read Post

ARMO

Read more about AI Agent Attack Detection: The Complete Framework for Security Teams

Phishing Attacks Begin Targeting the 2026 FIFA World Cup

May 14, 2026 By KnowBe4 Team In KnowBe4

A major phishing operation is targeting soccer/football fans ahead of the 2026 FIFA World Cup, which begins in June, according to researchers at Flare. The attackers have set up at least 79 phishing sites impersonating the official FIFA website.

Read Post