Breaking News – Cyber Threats (last 6h)
Generated: 2026-05-19 03:00 PDT
- Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer
The Hacker News • 2026-05-19 00:49 • thehackernews.com
Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code (VS Code) Marketplace.The extension in question is rwl.angular-console (version 18.95.0), a popular user interface and plugin for code editors like VS Code, Cursor, and JetBrains. The VS Code extension has more than 2.2 million installations. The Open
https://thehackernews.com/2026/05/compromised-nx-console-18950-targeted.html - Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials
The Hacker News • 2026-05-18 22:28 • thehackernews.com
In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper, to run malicious code that harvests sensitive credentials and exfiltrates them to an attacker-controlled server.“Every existing tag in the repository has been moved to point to an imposter commit that does not appear in the action’s normal commit history,
https://thehackernews.com/2026/05/github-actions-supply-chain-attack.html - Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account
The Hacker News • 2026-05-18 21:54 • thehackernews.com
Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated with the @antv ecosystem as part of the ongoing Mini Shai-Hulud attack wave.“The attack affects packages tied to the npm maintainer account atool, including echarts-for-react, a widely used React wrapper for Apache ECharts with roughly 1.1 million weekly
https://thehackernews.com/2026/05/mini-shai-hulud-pushes-malicious-antv.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
