GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

LeakNet ransomware uses ClickFix and Deno runtime for stealthy attacks

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a ...
The Hacker News

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

DRILLAPP JavaScript backdoor targets Ukraine in Feb 2026, abusing Edge debugging features to spy via camera, microphone, and ...

ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware Delivery

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be the first documented case of attackers abusing the Deno JavaScript runtime ...
GitHub

GitHub - Oracleo/SOC-Project1-Brute-Force-Detection-Splunk: Mini SOC Lab demonstrating real-time brute-force attack detection using Splunk SIEM, Windows Event Logs, and ...

A detection query was developed using Splunk's Search Processing Language to identify potential brute-force attacks. The query searches for Event ID 4625, aggregates failed login attempts by account ...
GitHub

FPolicy Add-on for Splunk

Set the external server IP as the device IP (or leave it as 0.0.0.0); the port number should be any unused port number. Match the policy name in ONTAP FPolicy for a ...