#credential-and-crypto-theft
#credential-and-crypto-theft

[ follow ]

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

SANDWORM_MODE supply-chain worm uses malicious npm packages to harvest credentials and crypto keys, propagate via stolen identities, and target AI coding assistants.

Information security

fromTheregister

4 months ago

Norks abuse blockchains to scam job seekers, steal wallets

North Korean threat actors embed malware in blockchain smart contracts (EtherHiding) to target developers, steal cryptocurrency and credentials, and maintain stealthy persistent access.

Information security

fromTechzine Global

5 months ago

Fileless malware: old tricks for new attacks

Fileless AsyncRAT persists via abused legitimate RMM ScreenConnect, in-memory loaders, encrypted reinstall mechanisms, and %AppData% hiding, targeting passwords and crypto wallets.

[ Load more ]

#credential-and-crypto-theft#credential-and-crypto-theft

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

Norks abuse blockchains to scam job seekers, steal wallets

Fileless malware: old tricks for new attacks

#credential-and-crypto-theft
#credential-and-crypto-theft