Recently, security researchers Socket found 10 packages on npm targeting software developers, specifically those who use the ...
Ten malicious packages mimicking legitimate software projects in the npm registry download an information-stealing component ...
An active campaign named 'PhantomRaven' is targeting developers with dozens of malicious npm packages that steal authentication tokens, CI/CD secrets, and GitHub credentials.
An advanced malware campaign on the npm registry steals the very keys that control enterprise cloud infrastructure.
Cryptopolitan on MSN
North Korean hackers now hide crypto-stealing malware with blockchain
North Korean hackers are now using a blockchain-based method known as EtherHiding to deliver malware to facilitate their ...
Version 1.3 of the Bun JavaScript runtime and toolkit has landed, pushing forward the project's goal to consolidate ...
Chrome faces its sixth zero-day attack in 2025 as Google patches critical V8 engine flaw CVE-2025-10585 discovered by Threat ...
Alarms raised again as a recent cybersecurity report released by Cisco Talos claims that a new campaign by North Korean ...
EtherHiding’: Nation-state and cybercriminal groups are leveraging smart contracts as command-and-control servers for ...
Google’s Threat Intelligence Group has linked North Korean hackers to EtherHiding, blockchain malware previously used by ...
Ten typosquatted npm packages (Jul 4, 2025) delivered a 24MB PyInstaller info stealer using 4 obfuscation layers; ~9,900 ...
Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback