Separate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social ...
JavaScript engineering teams have a shrinking window to prepare: npm v12, the package manager's most significant security redesign in its 16-year history, is expected to reach final release before the ...
North Korean threat actors are escalating the PolinRider supply chain attack across Go, Packagist, and npm package ...
GitHub's npm package manager will ship its most significant security redesign in years this July, when npm v12 makes three long-automatic install behaviors require ...
Follow ZDNET: Add us as a preferred source on Google. Red Hat was the victim of an npm security breach. The company has removed the affected packages. Check whether you use @redhat-cloud-services npm ...
During our recent threat hunting activities, we found EtherRAT malware being distributed by a website with a strange homepage. This homepage allowed us to discover a vast malicious infrastructure ...
Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders called BabaDeda Loader, Lorem Ipsum Loader, and Potemkin, per independent reports from Morphisec, ...
The Miasma malware campaign has claimed another victim, poisoning more than 20 versions of legitimate npm packages used by the Leo Platform and RStreams ecosystems as its operators continue refining ...
Cybersecurity researchers have disclosed details of a multi-stage malware campaign that uses batch scripts as a pathway to deliver various encrypted remote access trojan (RATs) payloads that ...
Hackers compromised the Injective Labs SDK project's GitHub repository and used it to publish a malicious package on the Node ...