All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

WeedHack malware campaign infects over 116,000 Minecraft users via malicious JAR files

By

Sinisa Markovic

7h ago· 4 min readenNews
Bagel score 80 of 100
80/100
Golden Brown
Bagelometer

If you only eat one bagel today, this is the bagel.

Score80TypenewsSentimentvery negative

Summary

A Malware-as-a-Service (MaaS) operation called WeedHack is targeting Minecraft users, allowing threat actors to remotely access victims' screens, webcams, and files via a web-based dashboard. Since January 2026, the campaign has infected over 116,000 systems, adding 2,000-3,000 new infections daily. McAfee researchers discovered over 3,820 unique malicious JAR files associated with the campaign.

Key quotes

· 1 pulled
We've discovered over 3,820 unique malicious JAR files tha
Snippet from the RSS feed
A Malware-as-a-Service operation targeting Minecraft users allows threat actors to remotely access victims' screens, webcams, and files.

You might also wanna read

ShadyPanda's 7-Year Malware Campaign Infected 4.3 Million Browsers Through Malicious Extensions

Koi researchers have uncovered a seven-year malware campaign by threat actor ShadyPanda that infected 4.3 million Chrome and Edge browsers t

koi.ai·6mo ago

Bitwarden CLI 2026.4.0 Compromised in Checkmarx Supply Chain Attack via GitHub Action

Socket researchers discovered that Bitwarden CLI version 2026.4.0 was compromised as part of the ongoing Checkmarx supply chain campaign. Th

socket.dev·1mo ago

317 npm Packages Compromised in Mini Shai-Hulud Supply Chain Attack

A major npm supply chain attack occurred on May 19, 2026, when the npm account of maintainer "atool" was compromised. The attacker published

safedep.io·15d ago

Shai-Hulud: Largest npm Supply-Chain Compromise Affecting CrowdStrike and Hundreds of Packages

The Shai-Hulud malware campaign represents the largest and most dangerous npm supply-chain compromise in history, affecting hundreds of pack

koi.security·8mo ago

Kimwolf IoT Botnet Infects 2+ Million Devices, Targets Corporate and Government Networks

A new IoT botnet called Kimwolf has infected over 2 million devices, primarily targeting corporate and government networks. The malware forc

krebsonsecurity.com·4mo ago

GitLab Identifies Large-Scale npm Supply Chain Attack with Destructive Malware

GitLab's security researchers have uncovered a large-scale supply chain attack in the npm ecosystem involving a destructive malware variant

about.gitlab.com·6mo ago