Nine-Year-Old npm Packages Hijacked to Exfiltrate API Keys via Obfuscated ScriptsSeveral legitimate cryptocurrency packages on npm have been hijacked to steal sensitive information from compromised systems.
North Korean Hackers Target Developers with Malicious npm PackagesNorth Korean threat actors are targeting developers with malicious npm packages to steal cryptocurrency.The 'Contagious Interview' campaign uses deceptive job offers to compromise software developers.
Russian-Speaking Attackers Target Ethereum Devs with Fake Hardhat npm PackagesMalicious npm packages impersonate the Hardhat tool to steal sensitive developer data from systems.
North Korea hits crypto wallets in NPM supply chain attackNorth Korea is targeting NPM registry and crypto wallet owners with the new Marstech1 implant, showcasing evolving cyber strategies.
Images weaponised in latest supply chain attackMalicious packages discovered in npm registry containing hidden command and control functionality embedded in image files.
Images weaponised in latest supply chain attackMalicious packages discovered in npm registry by cybersecurity firm Phylum contained hidden command and control functionality within image files.
Nine-Year-Old npm Packages Hijacked to Exfiltrate API Keys via Obfuscated ScriptsSeveral legitimate cryptocurrency packages on npm have been hijacked to steal sensitive information from compromised systems.
North Korean Hackers Target Developers with Malicious npm PackagesNorth Korean threat actors are targeting developers with malicious npm packages to steal cryptocurrency.The 'Contagious Interview' campaign uses deceptive job offers to compromise software developers.
Russian-Speaking Attackers Target Ethereum Devs with Fake Hardhat npm PackagesMalicious npm packages impersonate the Hardhat tool to steal sensitive developer data from systems.
North Korea hits crypto wallets in NPM supply chain attackNorth Korea is targeting NPM registry and crypto wallet owners with the new Marstech1 implant, showcasing evolving cyber strategies.
Images weaponised in latest supply chain attackMalicious packages discovered in npm registry containing hidden command and control functionality embedded in image files.
Images weaponised in latest supply chain attackMalicious packages discovered in npm registry by cybersecurity firm Phylum contained hidden command and control functionality within image files.