Malicious npm Package Targets Atomic Wallet, Exodus Users by Swapping Crypto Addresses
Apr 10, 2025Ravie LakshmananMalware / Cryptocurrency Threat actors are continuing to upload…
Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data
Apr 05, 2025Ravie LakshmananMalware / Supply Chain Attack Cybersecurity researchers have uncovered…
North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages
Apr 05, 2025Ravie LakshmananMalware / Supply Chain Attack The North Korean threat…
SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack
Apr 04, 2025Ravie LakshmananVulnerability / Open Source, The cascading supply chain attack…
New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors
Mar 18, 2025Ravie LakshmananAI Security / Software Security Cybersecurity researchers have disclosed…
North Korea’s ScarCruft Deploys KoSpy Malware, Spying on Android Users via Fake Utility Apps
The North Korea-linked threat actor known as ScarCruft is said to have…
This Malicious PyPI Package Stole Ethereum Private Keys via Polygon RPC Transactions
Mar 07, 2025Ravie LakshmananMalware / Blockchain Cybersecurity researchers have discovered a malicious…
Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks
Feb 14, 2025Ravie LakshmananBrowser Security / Cryptocurrency The North Korean threat actor…
New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution
Feb 14, 2025Ravie LakshmananVulnerability / DevOps Cybersecurity researchers have disclosed a new…