Five malicious versions of AsyncAPI packages were published to the Node Package Manager (npm) in a supply-chain attack that ...
A SimpleHelp authentication flaw is being exploited to deploy Djinn Stealer, a cross-platform malware targeting cloud, developer, and AI credentials.
Follow ZDNET: Add us as a preferred source on Google. Red Hat was the victim of an npm security breach. The company has removed the affected packages. Check whether you use @redhat-cloud-services npm ...
North Korean threat actors are escalating the PolinRider supply chain attack across Go, Packagist, and npm package ...
An unknown threat actor has been observed exploiting a recently disclosed maximum-severity security flaw in SimpleHelp to deliver two previously unreported malware families, TaskWeaver and Djinn ...
The Miasma malware campaign has claimed another victim, poisoning more than 20 versions of legitimate npm packages used by the Leo Platform and RStreams ecosystems as its operators continue refining ...
Veeam has released security patches to address a critical flaw in its Backup & Replication software that could result in remote code execution. Tracked as CVE-2026-44963 , the vulnerability carries a ...
Threat actors are abusing Microsoft Teams voice calls by impersonating corporate IT support staff to trick employees into ...
Stolen and leaked credentials lead to Node.js packages from AsyncAPI and Jscrambler Code Integrity being poisoned with ...