The malware loader known as PikaBot is now being distributed through a malvertising campaign. Initially only distributed via malspam campaigns, PikaBot is being used in attacks by TA577, a prolific cybercrime threat actor. The malware allows threat actors to gain unauthorized remote access to systems and execute commands, including shellcode, DLLs, or executable files, and other malicious tools.
Hackers Launch Social Engineering Offensive Against Key Node.js Maintainers
Following the high-profile supply chain compromise of the widely used Axios package, a highly coordinated social engineering campaign has been uncovered targeting top-tier Node.js and
.webp?w=0&resize=0,0&ssl=1 "Top 10 Best User Access Management Tools in 2026")