Threat Hunt Feed (2026-05-01)
Hacker News: Best
- Shai-Hulud Themed Malware Found in the PyTorch Lightning AI Training Library — Thu, 30 Apr 2026 16:09:26 +0000
  - Matched TTPs: JavaScript (T1059.007), Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Tool (T1588.002), Software (T1592.002), Credentials (T1589.001), Python (T1059.006), At (T1053.002)
- Kyoto cherry blossoms now bloom earlier than at any point in 1,200 years — Wed, 29 Apr 2026 19:32:36 +0000
  - Matched TTPs: At (T1053.002)
Krebs on Security
- Anti-DDoS Firm Heaped Attacks on Brazilian ISPs — Thu, 30 Apr 2026 14:04:26 +0000
  - Matched TTPs: IP Addresses (T1590.005), DNS (T1071.004), Malware (T1588.001), SSH (T1021.004), Botnet (T1584.005), Domains (T1584.001), Server (T1584.004), Tool (T1588.002), Software (T1592.002), Python (T1059.006), At (T1053.002)
BleepingComputer
- New Bluekit phishing service includes an AI assistant, 40 templates — Thu, 30 Apr 2026 14:58:50 -0400
  - Matched TTPs: Artificial Intelligence (T1588.007), Malware (T1588.001), Hardware (T1592.001), Email Accounts (T1585.002), Domains (T1584.001), Proxy (T1090), Cloud Services (T1021.007), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), At (T1053.002)
- April KB5083769 Windows 11 update causes backup software failures — Thu, 30 Apr 2026 11:23:03 -0400
  - Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), At (T1053.002)
- Police dismantles 9 crypto scam centers, arrests 276 suspects — Thu, 30 Apr 2026 07:21:02 -0400
  - Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
Darkreading
- Another AI-Assisted Software Scan Yields 9-Year-Old Linux Bug — Thu, 30 Apr 2026 20:41:18 GMT
  - Matched TTPs: Malware (T1588.001), Databases (T1213.006), Vulnerabilities (T1588.006), Tool (T1588.002), Software (T1592.002), At (T1053.002)
The Hacker News
- PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials — Thu, 30 Apr 2026 22:01:00 +0530
  - Matched TTPs: JavaScript (T1059.007), Malware (T1588.001), Browser Extensions (T1176.001), Vulnerabilities (T1588.006), Server (T1584.004), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), Python (T1059.006), At (T1053.002)
- New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials — Thu, 30 Apr 2026 18:06:00 +0530
  - Matched TTPs: Keylogging (T1056.001), Malware (T1588.001), Browser Extensions (T1176.001), Vulnerabilities (T1588.006), SSH (T1021.004), Server (T1584.004), Web Services (T1584.006), PowerShell (T1059.001), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), Python (T1059.006), Windows Credential Manager (T1555.004), At (T1053.002)