Attackers gunning for supply chains again, deploying innovative blockchain technique to hide command & control.
Roblox's popularity in recent years has led to threat actors actively pushing bogus packages to target both developers and ...
An ongoing attack is uploading hundreds of malicious packages to the open source node package manager (NPM) repository in an attempt to infect the devices of developers who rely on code libraries ...
One of them will snoop around on your machine and steal your credentials. An ongoing typosquatting campaign is targeting ...
The aim is to infect the systems of developers who rely on these registries for their code. To hide their malicious intent, ...
Software developers, especially those working with cryptocurrencies, are once again facing a supply chain attack via open source code repositories.
Contagious Interview refers to a yearlong campaign undertaken by the Democratic People's Republic of Korea (DPRK) that ...
Well-known open-source node package manager (NPM) registries are the target of massive attacks with malicious packages. These ...
Security researchers found backdoored software packages in the NPM software library, apparent evidence of an ongoing campaign ...
Checkmarx researchers have detected a unique supply chain attack within the NPM ecosystem that uses the Ethereum blockchain.
Checkmarx has observed a novel npm supply chain attack using Ethereum smart contracts to manage command-and-control (C2) ...