https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.stepsecurity.io%2Fblog%2Felementary-data-compromised-on-pypi-and-ghcr-forged-release-pushed-via-github-actions-script-injection%23indicators-of-compromise&data=05%7C02%7Ckimberly.kaleta%40sra.io%7C3cf92125c72a4e98b80508dea54fc63f%7C9bdee6ea21c54c1ca6c941dc3d08c310%7C0%7C0%7C639129959248110129%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=DeoFBiX%2FmQxoeOCXnUGRo%2BDVgrZTIn3iQnnlPwxxS1E%3D&reserved=0#new_tab 2026-04-28T19:06:02Z Security Risk Advisors en 🚩 GitHub Actions Exploit Pushes Malicious PyPI Release and Trojaned Container Image 2026-04-28T19:06:02Z Blog https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsocket.dev%2Fblog%2F73-open-vsx-sleeper-extensions-glassworm&data=05%7C02%7Ckimberly.kaleta%40sra.io%7C998d13afac034823364908dea54fc52b%7C9bdee6ea21c54c1ca6c941dc3d08c310%7C0%7C0%7C639129959179515798%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=ockEBaRZfxfGvfqLdLoqguuI0d4WT9P3H4AxiaIM3Fo%3D&reserved=0#new_tab 2026-04-28T19:05:13Z Security Risk Advisors en 🚩 GlassWorm Expands Supply Chain Attack with 73 Sleeper VS Code Extensions Delivering Malware 2026-04-28T19:05:13Z Blog https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fresearch.checkpoint.com%2F2026%2Fvect-ransomware-by-design-wiper-by-accident%2F&data=05%7C02%7Ckimberly.kaleta%40sra.io%7C99ff683ab49a458900ba08dea54fc38f%7C9bdee6ea21c54c1ca6c941dc3d08c310%7C0%7C0%7C639129959164607910%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=PCTcB65vzFB%2BnLDQW2Dw5qJcQ%2B1zEOq8RcfY8A4A170%3D&reserved=0#new_tab 2026-04-28T19:04:19Z Security Risk Advisors en 🚩 VECT Ransomware Acts as a Wiper Due to Critical Encryption Flaw 2026-04-28T19:04:19Z Blog https://www.zscaler.com/blogs/security-research/tropic-trooper-pivots-adaptixc2-and-custom-beacon-listener#new_tab 2026-04-27T19:44:33Z Security Risk Advisors en 🚩 Tropic Trooper Used A Trojanized SumatraPDF Reader, AdaptixC2, And VS Code Tunnels To Target Chinese-Speaking Individuals In Asia 2026-04-27T19:44:33Z Blog http://thedfirreport.com/2026/04/22/bissa-scanner-exposed-ai-assisted-mass-exploitation-and-credential-harvesting/#new_tab 2026-04-27T19:43:34Z Security Risk Advisors en 🚩 Bissa Scanner Used AI-Assisted Workflows and React2Shell To Harvest Secrets at Scale From Public-Facing Web Applications 2026-04-27T19:43:34Z Blog https://cloud.google.com/blog/topics/threat-intelligence/unc6692-social-engineering-custom-malware/#new_tab 2026-04-27T19:42:23Z Security Risk Advisors en 🚩 UNC6692 Used Helpdesk Impersonation, Microsoft Teams Social Engineering, And A Custom “SNOW” Malware Suite To Achieve Deep Network Penetration 2026-04-27T19:42:23Z Blog