---
title: Threat Intelligence Center - Capstone Technologies Group
description: Mini Shai-Hulud threat actors compromise npm maintainer account to distribute malicious AntV packages. Targets developers and cloud services.
canonical_url: https://captechgroup.com/threat-intelligence-center?start=105
language: en-GB
date: 2025-08-13T00:46:48Z
notice: This is a machine-friendly version of the page at https://captechgroup.com/threat-intelligence-center?start=105.
markdown-tokens: 1320
---

[Mini Shai-Hulud Compromises npm Packages via Hijacked Maintainer Account](https://captechgroup.com/threat-intelligence-center/mini-shai-hulud-compromises-npm-packages-via-hijac-62f48d)

Security researchers have identified a supply chain attack in which Mini Shai-Hulud threat actors, operating under the TeamPCP umbrella, compromised a legitimate npm package maintainer account to distribute malicious versions of AntV, a widely used data visualization framework. The attack leverages the Shai-Hulud Framework to deliver payloads to developers and cloud service environments.

[PureLogs Infostealer Steals Credentials from Professional Service Firms Globally](https://captechgroup.com/threat-intelligence-center/purelogs-infostealer-steals-credentials-from-profe-a034a8)

Fortinet researchers have uncovered PureLogs, an infostealer malware stealing credentials from organizations across multiple industries and geographies. Associated with the PawsRunner framework, this threat specifically targets professional service firms including medical practices, law offices, and accounting firms.

[Atomic macOS Stealer Impersonates Apple, Microsoft, Google in Attack Chain](https://captechgroup.com/threat-intelligence-center/atomic-macos-stealer-impersonates-apple-microsoft-e07312)

Security researchers have identified a coordinated macOS infostealer campaign leveraging Atomic macOS Stealer, ClickFix, Filegrabber, and Reaper malware to target Mac users through credential harvesting. The attack chain impersonates legitimate vendors—Apple, Microsoft, and Google—to deceive users into surrendering authentication credentials and sensitive files.

[AI-Powered Attacks Target Growing Businesses Without Endpoint Detection](https://captechgroup.com/threat-intelligence-center/ai-powered-attacks-target-growing-businesses-witho-5d73d7)

Artificial intelligence is fundamentally changing how attackers operate. Growing businesses—those with expanding IT infrastructure but limited security teams—face a critical gap: attackers now use AI to identify and exploit vulnerabilities faster than traditional security tools can detect them.

[Apple Patches 68 Vulnerabilities Across iOS, macOS, Safari May 11th](https://captechgroup.com/threat-intelligence-center/apple-patches-68-vulnerabilities-across-ios-macos-29833c)

Apple released a significant security update on May 11th addressing 68 vulnerabilities across its ecosystem, including iOS, macOS, and Safari. The patch set spans CVE-2025-43524 through CVE-2026-28995, affecting core operating systems and browser functionality.

[CVE-2026-42897 Exchange Server Zero-Day Triggered by Malicious Email](https://captechgroup.com/threat-intelligence-center/cve-2026-42897-exchange-server-zero-day-triggered-76f197)

Security researchers have disclosed CVE-2026-42897, a zero-day vulnerability affecting Microsoft Exchange Server that requires no user interaction beyond opening a malicious email to trigger exploitation. This vulnerability poses significant risk to organizations in regulated industries—medical practices, law firms, and accounting firms—that rely on Exchange for business-critical communications.

[EvilTokens Weaponizes AI to Automate Phishing Against Construction and Finance Firms](https://captechgroup.com/threat-intelligence-center/eviltokens-weaponizes-ai-to-automate-phishing-agai-264355)

Security researchers have identified EvilTokens, a threat actor group leveraging artificial intelligence to automate and personalize phishing campaigns at scale. The group deploys BlueKit, Kali365, and Tycoon2FA tools to target construction firms and financial services organizations.
