Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers
Sep 03, 2025Ravie LakshmananMalware / Social Engineering Cybersecurity researchers have discovered two…
AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown
Aug 01, 2025Ravie LakshmananMalware / Artificial Intelligence Cybersecurity researchers have flagged a…
PyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike Domain
Jul 29, 2025Ravie LakshmananPhishing / Developer Security The maintainers of the Python…
Hackers Breach Toptal GitHub, Publish 10 Malicious npm Packages With 5,000 Downloads
Jul 28, 2025Ravie LakshmananMalware / Developer Tools In what's the latest instance…
Google Launches OSS Rebuild to Expose Malicious Code in Widely Used Open-Source Packages
Jul 23, 2025Ravie LakshmananSoftware Integrity / DevSecOps Google has announced the launch…
200+ Trojanized GitHub Repositories Found in Campaign Targeting Gamers and Developers
Cybersecurity researchers have uncovered a new campaign in which the threat actors…
Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday disclosed that…
Researchers Uncover Malware in Fake Discord PyPI Package Downloaded 11,500+ Times
May 07, 2025Ravie LakshmananSoftware Supply Chain / Malware Cybersecurity researchers have discovered…
Ripple’s xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack
Apr 23, 2025Ravie LakshmananBlockchain / Cryptocurrency The Ripple cryptocurrency npm JavaScript library…