Cybersecurity researchers have flagged a new set of 175 malicious packages on the npm registry that have been used to ...
Researchers expose Discord webhook C2 in npm, PyPI, RubyGems; North Korean actors published 338 malicious npm packages with ...
First steps were taken a few days ago, and more are to follow. Users and developers in the NPM ecosystem must act in the ...
Threat actors are abusing legitimate NPM infrastructure in a new phishing campaign that breaks from the typical supply chain attack pattern.
North Korean hackers used fake recruiter lures and npm packages to target crypto developers in a large-scale supply-chain attack.
Codex gives software developers a first-rate coding agent in their terminal and their IDE, along with the ability to delegate ...
Open source malware, as we know it, is malicious code hidden within software packages shared publicly on platforms like ...
JADESNOW uses EtherHiding to fetch, decrypt, and execute malicious payloads from smart contracts on the BNB Smart Chain and ...
At the upcoming Live! 360 Orlando 2025 conference, Tim Purdum, Engineering Manager and Senior Software Engineer at dymaptic, will introduce JavaScript developers to the world of Blazor -- Microsoft’s ...
North Korea npm Malware Campaign targets Web3 developers via malicious code on npm, stealing credentials and crypto, exposing ...
Sonatype, an AI-centric DevSecOps firm, has released the Open Source Malware Index for Q3 2025, revealing a total of 34,319 new open source malware packages identified across major registries such as ...
Once a dominant category, cryptominers accounted for just 4% of malicious packages in Q3, down from 6% last quarter. This decline reflects the commoditization of simple malware — attackers no longer ...