%term

"A Mini Shai-Hulud Has Appeared": Bun-Based Stealer Hits SAP @cap-js and mbt npm Packages

Apr 29, 2026 By Stephen Thoemmes In Snyk

On April 29, 2026, attackers published malicious versions of four npm packages in the SAP development ecosystem: mbt, @cap-js/db-service, @cap-js/sqlite, and @cap-js/postgres. Each compromised release ships a preinstall hook that downloads the Bun JavaScript runtime from GitHub Releases and uses it to execute an ~11.6 MB obfuscated credential stealer.

Read Post

Snyk

Read more about "A Mini Shai-Hulud Has Appeared": Bun-Based Stealer Hits SAP @cap-js and mbt npm Packages

Fake Ransomeware Scam

Apr 29, 2026 By KnowBe4 | Human Risk Management In KnowBe4

A Flashy pop-up + a huge ransom demand = FAKE. "Your files aren't encrypted." It's theater designed to panic you into paying. Close the browser. Don't click and don't pay. Real ransomware doesn't need the dramatics. Fake ones do.

View Video

KnowBe4

Read more about Fake Ransomeware Scam

What Is the Best Free Antivirus Software to Protect Your Device?

Apr 28, 2026 By Nathan James Turner In Internxt

A lot of times, people only worry about the best antivirus software before it’s too late; they may have accidentally downloaded or opened a file containing malware, causing file corruption, data loss, or even encrypting their device. There are many free antivirus software options, and the best antivirus products out there also offer additional features to help further protect your device.

Read Post

Internxt

Read more about What Is the Best Free Antivirus Software to Protect Your Device?

Bugs & Betrayal - Vect Analysis

Apr 28, 2026 By Sean Moran In JUMPSEC

Vect is a newly observed RaaS operation that emerged in December of 2025, with affiliate recruitment and victim postings following shortly after in January 2026. Following the 19th of March 2026 Trivy/LiteLLM supply chain attack conducted by TeamPCP, in which ~340 GB uncompressed data was stolen, Vect announced on the dark web forum “Breached” that they would be partnering with TeamPCP.

Read Post

JUMPSEC

Read more about Bugs & Betrayal - Vect Analysis

Do you want to stop your Mac's battery from draining? Here's what you need to do!

Apr 28, 2026 By SecuritySenses In SecuritySenses

Although MacBook batteries are meant to last for quite some time, the truth is that these batteries can be inherently difficult to manage sometimes. That's why the most important thing is to learn what drains the battery's power and how you can stop this issue to the best of your capabilities. Here's what you need to take into account.

Read Post

SecuritySenses

Read more about Do you want to stop your Mac's battery from draining? Here's what you need to do!

The Silent Data Problem in Hospitals

Apr 27, 2026 By Rubrik In Rubrik

We’ve all been there: a temporary file created for a claim gets saved and forgotten. Ten years later, that "temporary" file is a massive liability. Stephen Bader from Powers Health shares how they are tackling sensitive data sprawl. It’s not malicious; it’s just how work happens. But identifying and securing that PHI is a multi-year project every healthcare system needs to start today. Hear how Powers Health is cleaning up their data footprint with Josh Howell.

View Video

Rubrik

Read more about The Silent Data Problem in Hospitals

How to Protect Backups from Ransomware with NAKIVO's Malware Scan

Apr 23, 2026 By NAKIVO Team In NAKIVO

Backups have become a primary target for ransomware. Hackers want to ensure that companies pay the ransom by not allowing them to recover their data independently. With NAKIVO Backup & Replication, you get several features (for example, immutable backup targets) to ensure that once created, a backup cannot be infected or corrupted with a new ransomware infection.

Read Post

NAKIVO

Read more about How to Protect Backups from Ransomware with NAKIVO's Malware Scan

Alert: WhatsApp Phishing Campaign Delivers Malware

Apr 21, 2026 By KnowBe4 Team In KnowBe4

A new phishing campaign is using WhatsApp messages to deliver malware, according to researchers at Microsoft. The attackers are attempting to trick users into installing malicious Visual Basic Script (VBS) files. “The campaign relies on a combination of social engineering and living-off-the-land techniques,” Microsoft says.

Read Post

KnowBe4

Read more about Alert: WhatsApp Phishing Campaign Delivers Malware

The Three-Layer Strategy for Autonomous Agent Governance with Joe Hladik and Amit Malik

Apr 21, 2026 By Rubrik In Rubrik

The race for AI dominance has created a dangerous imbalance between business velocity and cyber resilience. In this episode, host Caleb Tolin is joined by ⁠Joe Hladik⁠, Head of ⁠Rubrik⁠ Zero Labs, and Staff Security Researcher ⁠Amit Malik⁠ to break down the findings of their latest report on agentic adoption. The discussion centers on the Agentic Paradox. This is the technical reality that tools designed to automate high-level tasks are inherently built to find the most efficient path around obstacles, including existing security policies.

View Video

Rubrik

Read more about The Three-Layer Strategy for Autonomous Agent Governance with Joe Hladik and Amit Malik

When AI Breaks Consent

Apr 21, 2026 By Rubrik In Rubrik

You might have a good idea of how AI can help your business, but how can it harm your business? Catch this full episode of Data Security Decoded, featuring Ojas Rege from OneTrust, and understand why AI risk isn’t just compliance risk, but also operational and business risk. Listen and subscribe to Data Security Decoded wherever you get your podcasts.

View Video