malicious-packages

The Hacker News

Information security

Malicious npm Packages Target Developers' Ethereum Wallets with SSH Backdoor

Suspicious npm packages are harvesting Ethereum private keys and gaining SSH access on victim machines through malicious code.

The attack requires developer engagement with the package for it to execute and steal information. [ more ]

CyberScoop

2 weeks ago

Information security

Malicious packages in open-source repositories are surging

Malicious packages in open-source software have increased by over 150% in the past year. [ more ]

Developer Tech News

3 months ago

Information security

Images weaponised in latest supply chain attack

Malicious packages discovered in npm registry by cybersecurity firm Phylum contained hidden command and control functionality within image files. [ more ]

Developer Tech News

3 months ago

Information security

Images weaponised in latest supply chain attack

Malicious packages discovered in npm registry containing hidden command and control functionality embedded in image files. [ more ]

ITPro

4 months ago

Python

Developers beware: These rogue Python packages hide a nasty surprise

Python developers should be cautious when selecting open source packages for AI, machine learning, and crypto projects due to a campaign with malicious packages on PyPI. [ more ]

The Hacker News

2 days ago

Information security

Malicious npm Packages Target Developers' Ethereum Wallets with SSH Backdoor

Suspicious npm packages are harvesting Ethereum private keys and gaining SSH access on victim machines through malicious code.

The attack requires developer engagement with the package for it to execute and steal information. [ more ]

CyberScoop

2 weeks ago

Information security

Malicious packages in open-source repositories are surging

Malicious packages in open-source software have increased by over 150% in the past year. [ more ]

Developer Tech News

3 months ago

Information security

Images weaponised in latest supply chain attack

Malicious packages discovered in npm registry by cybersecurity firm Phylum contained hidden command and control functionality within image files. [ more ]

Developer Tech News

3 months ago

Information security

Images weaponised in latest supply chain attack

Malicious packages discovered in npm registry containing hidden command and control functionality embedded in image files. [ more ]

ITPro

4 months ago

Python

Developers beware: These rogue Python packages hide a nasty surprise

Python developers should be cautious when selecting open source packages for AI, machine learning, and crypto projects due to a campaign with malicious packages on PyPI. [ more ]

morecybersecurity

The Hacker News

1 month ago

Information security

Hackers Hijack 22,000 Removed PyPI Packages, Spreading Malicious Code to Developers

A new supply chain attack technique called Revival Hijack targets the PyPI registry, allowing attackers to exploit existing packages for malicious intent. [ more ]

#malicious-packages#malicious-packages

Malicious npm Packages Target Developers' Ethereum Wallets with SSH Backdoor

Malicious packages in open-source repositories are surging

Images weaponised in latest supply chain attack

Images weaponised in latest supply chain attack

Developers beware: These rogue Python packages hide a nasty surprise

Malicious npm Packages Target Developers' Ethereum Wallets with SSH Backdoor

Malicious packages in open-source repositories are surging

Images weaponised in latest supply chain attack

Images weaponised in latest supply chain attack

Developers beware: These rogue Python packages hide a nasty surprise

Hackers Hijack 22,000 Removed PyPI Packages, Spreading Malicious Code to Developers

#malicious-packages
#malicious-packages