Tag: NPM

Tech News

Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

Cybersecurity researchers have disclosed details of a new malicious package on the

Tech News

Popular Forge library gets fix for signature verification bypass flaw

A vulnerability in the ‘node-forge’ package, a popular JavaScript cryptography library, could

Tech News

Second Sha1-Hulud Wave Affects 25,000+ Repositories via npm Preinstall Credential Theft

Nov 24, 2025Ravie LakshmananCloud Security / Vulnerability Multiple security vendors are sounding

Tech News

Popular JavaScript library expr-eval vulnerable to RCE flaw

A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly

Tech News

Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities

Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension

Tech News

North Korean Hackers Combine BeaverTail and OtterCookie into Advanced JS Malware

The North Korean threat actor linked to the Contagious Interview campaign has

Tech News

175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign

Oct 10, 2025Ravie LakshmananCybercrime / Malware Cybersecurity researchers have flagged a new

Tech News

Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown

Oct 02, 2025Ravie LakshmananPython / Malware Cybersecurity researchers have flagged a malicious

Tech News

Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys

Sep 06, 2025Ravie LakshmananSoftware Security / Cryptocurrency A new set of four

Lost your password?