Malicious packages Archives • Daily CyberSecurity

The 1,700-Package Blitz: North Korea’s “Contagious Interview” Infiltrates Every Major Dev Registry Contagious Interview Malicious Packages

The 1,700-Package Blitz: North Korea’s “Contagious Interview” Infiltrates Every Major Dev Registry

Do Son April 8, 2026

Researchers at Socket have identified a massive new cluster of malicious packages linked to North Korea’s notorious...

The 50,000-Download Trap: How ‘ambar-src’ Typosquatting Compromised Windows, Linux, and macOS Devs OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

The 50,000-Download Trap: How ‘ambar-src’ Typosquatting Compromised Windows, Linux, and macOS Devs

Do Son February 27, 2026

Tenable Research has uncovered a highly sophisticated, malicious npm package that amassed approximately 50,000 downloads before its...

Poisoned Dependencies: How Nethereum.All and 10M+ Fake Downloads Looted .NET Crypto Developers Nethereum.All Malicious Package, NuGet Supply Chain

Nethereum.All Malicious Package, NuGet Supply Chain

Poisoned Dependencies: How Nethereum.All and 10M+ Fake Downloads Looted .NET Crypto Developers

Do Son December 19, 2025

A sophisticated supply chain campaign targeting .NET developers working with cryptocurrency has been uncovered, revealing a network...

Malicious NPM Packages Target PayPal Users to Steal Sensitive Data Crypto Scam, Executive Fraud business email compromise scam

Malicious NPM Packages Target PayPal Users to Steal Sensitive Data

Do Son April 14, 2025

A recent report from FortiGuard Labs has uncovered a series of malicious NPM packages designed to steal...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

Malicious packages

The 1,700-Package Blitz: North Korea’s “Contagious Interview” Infiltrates Every Major Dev Registry

The 50,000-Download Trap: How ‘ambar-src’ Typosquatting Compromised Windows, Linux, and macOS Devs

Poisoned Dependencies: How Nethereum.All and 10M+ Fake Downloads Looted .NET Crypto Developers

Malicious NPM Packages Target PayPal Users to Steal Sensitive Data