An active campaign named 'PhantomRaven' is targeting developers with dozens of malicious npm packages that steal authentication tokens, CI/CD secrets, and GitHub credentials.
An advanced malware campaign on the npm registry steals the very keys that control enterprise cloud infrastructure.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback