Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Hackaday

The Winners Of The 2025 Obfuscated C Code Contest

One of the most exciting challenges available to any software developer is that of writing brilliantly working code that’s so obtuse, so indecipherable, and opaque, that even its own author ...

Red Hat hit by npm supply‑chain attack - here's how to stay safe

Days after IBM and Red Hat announced a master security plan for open-source software, Red Hat suffers a major breach of its own. Here's what you can do about it.
IEEE

JSObfusDetector: A binary PSO-based one-class classifier ensemble to detect obfuscated JavaScript code

Abstract: JavaScript code obfuscation has become a major technique used by malware writers to evade static analysis techniques. Over the past years, a number of dynamic analysis techniques have been ...
CSOonline

North Korean cyberspies trick developers into installing malware with fake job interviews

Once accepted, the attackers tell developers to download a Node.js project as part of a practical test. The trojanized project on launch deploys a RAT and infostealer malware targeting all major OS ...
techworm.net

Developers Tricked In Fake Job Interviews To Download Malware

Cybersecurity company Securonix has discovered a new ongoing social engineering attack campaign that targets software developers with bogus npm packages on the pretext of fake job interviews and ...
GitHub

javascript-deobfuscator

The Unpacker class offers methods for detecting and unraveling obfuscated JavaScript code. It scans for a specific pattern commonly employed in obfuscation and attempts to reverse the obfuscation ...
GitHub

obfuscated-code

Add a description, image, and links to the obfuscated-code topic page so that developers can more easily learn about it.