Analysis, product insight, and practical reads for builders

ScarCruft/APT37 has adapted the BirdCall backdoor into an Android variant delivered through a supply-chain attack on the gaming platform sqgame.net, which targets Koreans in Yanbian, China. The Android BirdCall, active since around October 2024 in at least seven versions, acts as spyware by collecting geolocation, contacts, call logs, SMS, device and network details, taking screenshots, recording audio from 7–10 pm local time, and exfiltrating files while reporting back via C2; it lacks some of the Windows version’s capabilities. The campaign underscores the risk of trojanized APKs on third-party game sites, with researchers advising users to download only from official marketplaces and trusted publishers.

Kaspersky reports a surge in phishing using Amazon SES to bypass security filters, fueled by widespread exposure of AWS credentials in public repos, Docker images, and backups. Attackers automate secret discovery (e.g., with TruffleHog) to validate keys and blast realistic phishing campaigns—including DocuSign-like notices and fake invoices—without triggering SPF/DKIM/DMARC blocks. Blocking SES IPs is ineffective since SES is a trusted service. Recommended mitigations: enforce least-privilege IAM, enable MFA, rotate keys regularly, apply IP-based access controls, and use encryption.

Security researchers disclosed a supply-chain attack in PyTorch Lightning: a compromised PyPI release (version 2.6.3) secretly downloads Bun and executes an obfuscated 11.4 MB JavaScript payload on import, delivering ShaiWorm, a credential-stealer that targets environment files, API keys, browser data, and cloud credentials (AWS/Azure/GCP) and can run arbitrary commands. Microsoft Defender blocked the payload on affected machines; maintainers have rolled back to version 2.6.1 and are auditing recent releases, with immediate secret rotation advised as the investigation continues.

Trellix disclosed a data breach after unauthorized access to a portion of its source code repository and is investigating with external forensics. The company reports no evidence yet that the source code or its distribution process was compromised and says law enforcement has been notified; further details will be shared after the investigation. The incident comes amid other recent breaches at Checkmarx, Cisco, and HackerOne.