Malware Alerts

Mini Shai-Hulud Malware Infects AntV npm Packages via Compromised Maintainer Accounts

Posted: May 19, 2026

Categories: Malware Alerts

Tags: malware

Author: Npav Lab

A supply chain attack called Mini Shai-Hulud compromised multiple npm packages in the @antv ecosystem, injecting credential-stealing malware. Developers using affected packages risk stolen tokens, data exfiltration, and persistent malware infections.

Fake DeepSeek TUI GitHub Repositories Used to Spread Malware via AI Tool Spoofing

Posted: May 13, 2026

Categories: Malware Alerts, AI

Tags: malware, github, developers, deepseek, ai

Author: Npav Lab

Cybersecurity researchers have discovered fake GitHub repositories impersonating DeepSeek TUI to deliver malware. The campaign uses compressed archives and multi-stage payloads to bypass detection, disable Windows Defender, and establish persistent access on infected systems.

Fake Claude AI Installer Pages Spread Malware Through Google Ads

Posted: May 08, 2026

Categories: Google, Malware Alerts, AI

Tags: phishing, malware, google ads, google, claude ai

Author: Npav Lab

Hackers are using fake Claude AI installer pages and Google Ads to spread malware, steal credentials, and infect Windows and macOS systems.

DAEMON Tools Supply Chain Attack Infects Official Installers With Malware

Posted: May 07, 2026

Categories: Malware Alerts, Cyber Attack, Microsoft

Tags: windows, microsoft, malware, cyber attack

Author: Npav Lab

Hackers compromised official DAEMON Tools installers with malware in a major supply chain attack affecting users worldwide. Learn how to stay protected.

Malicious Google Ads Target Crypto Users with Wallet Drainers

Posted: April 23, 2026

Categories: Google, Malware Alerts, Financial fraud

Tags: phishing, google ads, google, fraud, financial fraud, cryptocurrency

Author: Npav Lab

Hackers exploit Google Ads to steal cryptocurrency using fake sites, wallet drainers, and seed phrase phishing, causing major financial losses in 2026.

Mustang Panda Targets India Banks with New LOTUSLITE Malware Variant

Posted: April 22, 2026

Categories: Bank Phishing, Malware Alerts, Hacker, Banking Trojan, Cloud malware

Tags: india, hacker, banks, bankingmalware, banking

Author: Npav Lab

New LOTUSLITE malware linked to Mustang Panda targets India’s banking sector and South Korean policy groups in advanced cyber-espionage attacks.

Hackers Exploit n8n AI Workflow to Deliver Malware via Trusted Webhooks

Posted: April 16, 2026

Categories: Malware Alerts, Hacker, AI

Tags: fp-4b, fp-4a, fp-3a, fp-2c, fp-2b, fp-2a, fp-1b, fp-1a, f-3b

Author: Npav Lab

Cybercriminals abuse n8n AI workflow automation to deliver malware through trusted webhooks, bypassing security filters and targeting enterprise users.

Malicious PDF exploiting Adobe Acrobat zero-day vulnerability to steal data and compromise systems

Posted: April 10, 2026

Categories: Malware Alerts, Data Breach, vulnerability

Tags: fp-3a, fp-2c, fp-2b, fp-2a, fp-1b, fp-1a

Author: Npav Lab

Adobe Acrobat Reader zero-day vulnerability exploited through malicious PDFs to steal data and gain system access. Learn risks and protection tips.

LucidRook Malware Spread via Fake Security Software Targets Taiwan Organizations

Posted: April 09, 2026

Categories: Security, Malware Alerts, Cloud malware

Tags: fp-5a, fp-4a, fp-3b, fp-3a, fp-2a, fp-1b, fp-1a, f-4b

Author: Npav Lab

Hackers use fake antivirus software to deliver LucidRook malware in targeted attacks on Taiwan NGOs and universities, exploiting spearphishing techniques.

Infiniti Stealer Malware Targets macOS via Fake Cloudflare CAPTCHA

Posted: March 27, 2026

Categories: Malware Alerts, Data Breach

Tags: fp-5a, fp-4b, fp-4a, fp-3b, fp-3a, fp-1b, fp-1a

Author: Npav Lab

Infiniti Stealer is a new macOS malware spreading through fake Cloudflare CAPTCHA pages, tricking users into running malicious commands and stealing sensitive data.