A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal ...
A malicious npm package posing as a WhatsApp API intercepts messages, steals credentials, and links attacker devices after 56 ...
A spate of supply chain attacks forces GitHub’s npm to revoke ‘classic’ tokens. Despite this, larger worries about developer ...
A new worm is infecting NPM packages en masse and stealing credentials. The code of the malware contains the identifier “SHA1HULUD,” which is why security analysts are calling it “Shai-Hulud 2.0.” ...
A researcher warned that more than 400 NPM libraries, including at least 10 crypto packages mostly tied to ENS, were compromised by Shai Hulud malware. A major JavaScript supply-chain attack has ...
North Korea-linked attackers exploit CVE-2025-55182 to deploy EtherRAT, a smart-contract-based RAT with multi-stage ...
Cybersecurity researchers have uncovered a malicious software tool that exposes WhatsApp accounts by secretly giving hackers ...
North Korean hackers intensify their efforts against blockchain and Web3 developers, using nearly 200 malicious npm packages in the ongoing Contagious Interview hacking campaign.
Microsoft previews a GitHub Copilot-powered VS Code Insiders tool that modernizes JavaScript/TypeScript apps by upgrading npm ...
A new campaign involving 19 malicious Visual Studio Code extensions used a legitimate npm package to embed malware in ...
A security researcher tried to alert Home Depot to the security lapse exposing its back-end GitHub source code repos and ...
You’ve spent weeks, maybe months, crafting your dream Electron app. The UI looks clean, the features work flawlessly, and you finally hit that Build button. Excited, you send the installer to your ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback