Cyware Daily Threat Intelligence, June 25, 2025


Daily Threat Briefing June 25, 2025

A familiar package name could be hiding far more than useful code. North Korean actors behind the Contagious Interview campaign have published 35 malicious npm packages, including keyloggers and multi-stage malware loaders like HexEval and InvisibleFerret. By mimicking popular libraries, they’ve tricked thousands of developers into pulling in backdoors designed for cross-platform surveillance.

Search results for AI tools are leading users straight into malware traps. Researchers uncovered a campaign that abuses SEO tactics to rank malicious sites for AI-related queries. These sites distribute payloads like Vidar Stealer and Lumma, wrapped in deceptive installers and ZIP files, while using obfuscation techniques like XOR encryption and browser fingerprinting to stay hidden.

Even AI model frameworks aren’t immune to critical flaws. NVIDIA has patched two vulnerabilities in its Megatron-LM framework that could allow attackers to inject code or escalate privileges. The bugs, affecting the Python component, pose a serious risk to model integrity and data security if left unpatched.

Top Malware Reported in the Last 24 Hours

Contagious Interview drops malicious npm packages

North Korean threat actors linked to the Contagious Interview campaign have published 35 malicious npm packages, six of which remain active. These packages have been downloaded over 4,000 times. The attack uses a malware loader called HexEval, which decodes and executes second-stage malware (BeaverTail) and third-stage backdoors (InvisibleFerret). This layered approach evades static analysis and manual reviews. Attackers employ typosquatting techniques, mimicking popular npm package names like react-plaid-sdk and vite-plugin-tools to deceive developers. HexEval Loader obfuscates C2 endpoints with hexadecimal encoding and uses conditional logic to selectively deliver malicious payloads. Some malicious packages, such as jsonsecs, include keyloggers for deeper surveillance across Windows, macOS, and Linux systems.

CL-CRI-1014 targets African financial institutions

Unit 42 researchers have reported a series of cyberattacks targeting financial institutions in Africa, identified as cluster CL-CRI-1014. Attackers leverage open-source tools such as PoshC2, Chisel, and Classroom Spy to gain initial access to networks, which they then sell on the dark web. These threat actors disguise their tools as legitimate applications to evade detection and employ techniques like remote services and PsExec for lateral movement. The attackers use PowerShell scripts to deploy Classroom Spy, allowing them to monitor and control compromised systems. Additionally, they utilize methods like creating services and scheduled tasks to maintain persistence within the targeted environments.

Hackers trojanize commercial software

Threat actors have modified SonicWall's SSL VPN NetExtender application to distribute a trojanized version that closely resembles the legitimate software. This malicious installer, digitally signed by “CITYLIGHT MEDIA PRIVATE LIMITED,” is designed to steal VPN configuration information, including usernames and passwords, which is then sent to a remote server at IP address 132.196.198.163. Key components of the installer, such as NeService.exe and NetExtender.exe, have been altered to bypass digital signature validation and execute malicious code. SonicWall and Microsoft have identified the threat: SonicWall's security solutions flag the installer as malicious under the signature GAV: Fake-NetExtender (Trojan), and Microsoft detects it as TrojanSpy:Win32/SilentRoute.A.

AI-themed websites deploy malware

Zscaler ThreatLabz researchers have identified a malware campaign using Black Hat SEO to manipulate search engine rankings for AI-related keywords, leading users to malicious websites designed to distribute malware like Vidar Stealer, Lumma Stealer, and Legion Loader. These sites exploit the popularity of AI tools, employing JavaScript to collect browser data and redirect victims through multiple layers to evade detection. The malware is often packaged in large installer files or password-protected ZIP archives to bypass security systems. Techniques such as browser fingerprinting and XOR encryption are used to obfuscate malicious activity; the campaign has been linked to numerous deceptive domains and has drawn significant traffic since early 2025.

Top Vulnerabilities Reported in the Last 24 Hours

NVIDIA issues urgent security update

NVIDIA discovered two critical vulnerabilities (CVE-2025-23264 and CVE-2025-23265) in its Megatron-LM framework, enabling malicious code injection and privilege escalation. The flaws are categorized as “High” severity with a CVSS v3.1 score of 7.8 and stem from insecure input handling in the Python component. Successful exploitation requires low attack complexity and can compromise AI models and sensitive data. NVIDIA released version 0.12.1 to address these issues, urging users to update immediately.

Critical bug in CentOS Web Panel

A critical vulnerability (CVE-2025-48703) in CentOS Web Panel allows unauthenticated remote code execution, putting servers at risk. The flaw affects versions 0.9.8.1188 and 0.9.8.1204 and stems from weak authentication combined with a command injection issue in the t_total parameter. A PoC exploit demonstrates how attackers can gain remote access by sending crafted HTTP POST requests. Administrators are urged to update to the latest version or apply patches immediately, alongside using firewalls and intrusion detection systems to mitigate risks.

Kibana heap corruption flaw

A critical vulnerability (CVE-2025-2135) in Kibana’s reporting engine can lead to heap corruption and remote code execution, affecting versions ≤7.17.28, 8.0.0–8.17.7, 8.18.0–8.18.2, and 9.0.0–9.0.2. The flaw arises from a Chromium Type Confusion vulnerability and can be exploited via crafted HTML pages. Both self-hosted and Elastic Cloud deployments are affected when PDF/PNG reporting features are enabled, while CSV reporting and serverless Kibana projects remain unaffected. Elastic advises upgrading to fixed versions (7.17.29, 8.17.8, 8.18.3, or 9.0.3) or applying mitigations like disabling reporting, restricting access, and enforcing network policies.
