Trend · Published Jun 11, 2026 · 1 source

ThreatsDay Bulletin: Supply Chain Kit Leaked, AI Agent Phishing, and 28 New Stories

A weekly roundup covers a leaked supply chain attack toolkit, a $5,000/month RAT that clones browsers, and research showing AI agents can be tricked into leaking credentials.

This week's ThreatsDay Bulletin from The Hacker News compiles a wide range of cybersecurity developments, headlined by the leak of a sophisticated supply chain attack toolkit and new research demonstrating how AI agents can be manipulated to expose real credentials. The bulletin also details a $5,000-per-month remote access trojan (RAT) called SilabRAT that clones browser profiles, alongside reports on infostealer infections, North Korean espionage, and domain seizures by the U.S. Department of Justice.

The most significant item is the Miasma credential-stealing attack framework, which was briefly made available for free on GitHub after appearing through compromised developer accounts. According to SafeDep, Miasma is a full supply chain attack toolkit that can execute attacks via stolen credentials against public registries (PyPI, npm, RubyGems), JFrog Artifactory, GitHub repositories and Actions, AI coding tools, and SSH-based lateral movement. It uses three independent command-and-control channels via GitHub commit search, and is assessed to be a variant of the Shai-Hulud worm, which has since evolved into a Python variant called Hades.

Another major story is SilabRAT, which a threat actor named "o1oo1" has advertised under a malware-as-a-service model for $5,000 a month since September 2025. Group-IB reports that SilabRAT is heavily focused on financial gain through credential theft, using Hidden Virtual Network Computing (HVNC) for remote control and Browser Profile Cloning to replicate a user's browser profile—including user agent, extensions, storage, and fingerprinting attributes—to the attacker's system. It is delivered via ClickFix campaigns using Hijack Loader and can identify wallet addresses or extract cryptocurrency-related artifacts.

The bulletin also highlights new research demonstrating that AI agents can be tricked into leaking real credentials, underscoring the growing sophistication of attacks targeting AI systems. Additionally, a Flashpoint analysis reveals that over 11.1 million devices were infected with infostealers last year, fueling a supply of more than 3.3 billion stolen credentials, session cookies, and cloud tokens now circulating across illicit markets. Lumma, Acreed, Rhadamanthys, Vidar, and StealC were the most prolific stealers in 2025, with India, Brazil, Indonesia, Vietnam, the Philippines, and the U.S. most affected.

CrowdStrike disclosed that a North Korean threat actor known as Famous Chollima, behind the IT worker and Contagious Interview campaigns, accounted for 47% of all state-sponsored hands-on-keyboard operations against the tech sector between April 2025 and March 2026. Meanwhile, the U.S. Department of Justice announced the seizure of 13 internet domains masquerading as consulting companies used to target U.S. persons, including current and former security clearance holders. The sham companies advertised generic consulting jobs on platforms like Upwork and Expertia AI, pressuring candidates to part with confidential information in exchange for cryptocurrency payments.

The bulletin also covers a patch for Anthropic's Claude Code GitHub Action that fixed a vulnerability allowing repository hijacking, and notes the increasing polish of modern cybercrime operations, including mule networks run like SaaS and deepfake KYC bypass sold as a feature. Overall, the ThreatsDay Bulletin serves as a comprehensive digest of the week's most pressing cybersecurity threats, tools, flaws, and updates.

Synthesized by Vypr AI