North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT via 31 Vercel deployments.
A malicious NPM package, ambar-src, mimicking a popular JavaScript framework, was downloaded nearly 50,000 times in a few ...
Security researchers at Microsoft said the campaign targets developers who routinely clone public repositories for evaluation, collaboration or recruitment exercises. The attackers publish projects ...
A North Korean attack group is running a scam operation called Graphalgo, in which fake job schemes are used to deliver malware.
Half a dozen vulnerabilities in the JavaScript ecosystem’s leading package managers — including NPM, PNPM, VLT, and Bun — could be exploited to bypass supply chain attack protections, according to ...
A researcher at Koi Security says the two key platforms have not plugged the vulnerabilities enabling the worm attacks, and ‘the JavaScript ecosystem deserves better.’ JavaScript developers should ...
Cybersecurity researchers have uncovered three malicious Bitcoin npm packages designed to install malware called NodeCordRAT. NodeCordRAT is equipped to steal Google Chrome credentials, API tokens ...
A new report out today from managed detection and response company Expel Inc. details a newly identified variant of the Shai Hulud malware that demonstrates how software supply chain attacks are ...
Malicious npm package posing as a WhatsApp Web API library operated for months as a functional dependency while stealing messages and maintaining persistence. Security researchers have uncovered a ...
A malicious NPM package that functions as a WhatsApp Web API library has been caught stealing users’ credentials and data, Koi Security warns. The package, ‘Lotusbail’, a fork of the ‘Baileys’ library ...
Trusted publishing, besides eliminating the need for npm tokens, establishes cryptographic trust by authenticating each publish using short-lived, workflow-specific credentials that cannot be ...