Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers
Sep 03, 2025Ravie LakshmananMalware / Social Engineering Cybersecurity researchers have discovered two…
AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown
Aug 01, 2025Ravie LakshmananMalware / Artificial Intelligence Cybersecurity researchers have flagged a…
PyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike Domain
Jul 29, 2025Ravie LakshmananPhishing / Developer Security The maintainers of the Python…
Hackers Breach Toptal GitHub, Publish 10 Malicious npm Packages With 5,000 Downloads
Jul 28, 2025Ravie LakshmananMalware / Developer Tools In what's the latest instance…
Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks
Jun 26, 2025Ravie LakshmananOpen Source / Vulnerability Cybersecurity researchers have disclosed a…
New Supply Chain Malware Operation Hits npm and PyPI Ecosystems, Targeting Millions Globally
Cybersecurity researchers have flagged a supply chain attack targeting over a dozen…
Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto
As many as 60 malicious npm packages have been discovered in the…
Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials
Cybersecurity researchers have flagged three malicious npm packages that are designed to…
Researchers Uncover Malware in Fake Discord PyPI Package Downloaded 11,500+ Times
May 07, 2025Ravie LakshmananSoftware Supply Chain / Malware Cybersecurity researchers have discovered…