Critical Alert

CVE-2026-50751 - Critical Check Point VPN Exploit Discovered Active in the Wild. View Threat Details →

Powered by CVE WATCHTOWER

×

npm

Toptal GitHub Organization Compromised: Malicious npm Packages Steal Tokens & Wipe Systems libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

Toptal GitHub Organization Compromised: Malicious npm Packages Steal Tokens & Wipe Systems

Do Son July 25, 2025

Socket’s Threat Research Team has discovered that at least 10 malicious packages were published to npm from...

4 Open-Source Packages Infect 56,000+ Downloads with Stealthy Spyware Open Source Spyware, Supply Chain Surveillance

Open Source Spyware, Supply Chain Surveillance

4 Open-Source Packages Infect 56,000+ Downloads with Stealthy Spyware

Do Son July 25, 2025

The Socket Threat Research Team has uncovered a coordinated surveillance malware campaign hidden in four open-source packages—three...

Major npm Supply Chain Attack: Phishing Campaign Steals Maintainer Credentials, Injects Malware into Popular Packages npm Phishing, Supply Chain Attack

npm Phishing, Supply Chain Attack

Major npm Supply Chain Attack: Phishing Campaign Steals Maintainer Credentials, Injects Malware into Popular Packages

Do Son July 19, 2025

A deceptive and highly targeted phishing campaign has successfully compromised several popular npm packages, including eslint-config-prettier, eslint-plugin-prettier,...

Hidden Protestware Found in 28+ npm Packages: Silently Targeting Russian Users npm Protestware, Supply Chain Attack

npm Protestware, Supply Chain Attack

Hidden Protestware Found in 28+ npm Packages: Silently Targeting Russian Users

Do Son July 17, 2025

In a revelation for the JavaScript ecosystem, Socket’s Threat Research Team has uncovered the widespread proliferation of...

XORIndex: North Korea’s Evolving Supply Chain Malware Targets npm Ecosystem Again NPM Supply Chain, North Korea Malware

NPM Supply Chain, North Korea Malware

XORIndex: North Korea’s Evolving Supply Chain Malware Targets npm Ecosystem Again

Do Son July 15, 2025

A new chapter in the ongoing Contagious Interview campaign has emerged, as the Socket Threat Research Team...

North Korean APT Launches Massive npm Supply Chain Attack: Typosquatting & Fake Jobs Steal Crypto from Devs npm Supply Chain Attack, North Korean APT

npm Supply Chain Attack, North Korean APT

North Korean APT Launches Massive npm Supply Chain Attack: Typosquatting & Fake Jobs Steal Crypto from Devs

Do Son June 26, 2025

In a detailed expose, the Socket Threat Research Team has uncovered an ongoing and highly targeted supply...

Critical Key Derivation Flaws in pbkdf2 Affect Millions of JavaScript Projects, PoC Available pbkdf2 npm, Cryptographic Flaws

pbkdf2 npm, Cryptographic Flaws

Critical Key Derivation Flaws in pbkdf2 Affect Millions of JavaScript Projects, PoC Available

Do Son June 24, 2025

Two high-impact security advisories have been released for the pbkdf2 npm package—an essential utility in the JavaScript...

PoCGen: AI Tool Automates Exploit Generation for npm Vulnerabilities with LLMs PoCGen, LLM Exploit Generation

PoCGen, LLM Exploit Generation

PoCGen: AI Tool Automates Exploit Generation for npm Vulnerabilities with LLMs

Do Son June 17, 2025

A tool named PoCGen is revolutionizing how the security community generates Proof-of-Concept (PoC) exploits for vulnerabilities in...

Destructive npm Packages Disguised as Utilities Trigger Remote System Wipes on Demand Wiping Systems

Wiping Systems

Destructive npm Packages Disguised as Utilities Trigger Remote System Wipes on Demand

Do Son June 9, 2025

The Socket Threat Research Team has disclosed two dangerous npm packages that masquerade as helpful developer tools—but...

New npm Packages Exposed: Crypto Drainers Targeting BSC & Ethereum Wallets npm security, crypto drainer

npm security, crypto drainer

New npm Packages Exposed: Crypto Drainers Targeting BSC & Ethereum Wallets

Do Son June 4, 2025

Socket Threat Research Team has uncovered a new threat lurking within the JavaScript ecosystem: four malicious npm...

Stealthy npm Supply Chain Attack: Typosquatting Leads to Remote Code Execution and Data Destruction npm supply chain attack, typosquatting

npm supply chain attack, typosquatting

Stealthy npm Supply Chain Attack: Typosquatting Leads to Remote Code Execution and Data Destruction

Do Son June 3, 2025

In a recent revelation, Socket’s Threat Research Team has uncovered a stealthy npm supply chain attack leveraging...

NPM Recon: Malicious Packages Found Stealing Internal Network IPs and Hostnames npm security, internal IP theft

npm security, internal IP theft

NPM Recon: Malicious Packages Found Stealing Internal Network IPs and Hostnames

Do Son May 26, 2025

Socket’s Threat Research Team has uncovered an active and expanding malware campaign in the npm ecosystem. More...

Destructive npm Packages Deleting Files, Hijacking Frameworks for 2+ Years npm security, destructive packages

npm security, destructive packages

Destructive npm Packages Deleting Files, Hijacking Frameworks for 2+ Years

Do Son May 23, 2025

In a disturbing development for the JavaScript community, Socket’s Threat Research Team has uncovered a stealthy and...

Is Your Chatbot Spying On You? Dangerous Plugin Found in Koishi Framework Chatbot privacy, Koishi security

Chatbot privacy, Koishi security

Is Your Chatbot Spying On You? Dangerous Plugin Found in Koishi Framework

Do Son May 20, 2025

Socket’s Threat Research Team has uncovered a dangerous new threat lurking in the npm ecosystem: a malicious...

Malicious Packages Stealing Crypto Credentials: A Warning for Developers npm package, crypto drainer Malicious Packages Cryptocurrency Theft

npm package, crypto drainer Malicious Packages Cryptocurrency Theft

Malicious Packages Stealing Crypto Credentials: A Warning for Developers

Do Son April 23, 2025

The Socket Threat Research Team has exposed three malicious open-source packages masquerading as developer tools — designed...

Malicious npm Packages Backdoor Telegram Bot Developers npm Malware, Telegram Bots

npm Malware, Telegram Bots

Malicious npm Packages Backdoor Telegram Bot Developers

Do Son April 22, 2025

A new supply chain attack has been uncovered by Socket’s Threat Research Team, targeting developers who create...

Malicious npm Package Installs Reverse Shell via Payment Success Magento Credit Card Stealer npm package reverse shell

Magento Credit Card Stealer npm package reverse shell

Malicious npm Package Installs Reverse Shell via Payment Success

Do Son April 16, 2025

A malicious npm package, disguised as a merchant integration for the Advcash payment platform, has been discovered...

Malicious NPM Packages Target PayPal Users to Steal Sensitive Data Crypto Scam, Executive Fraud business email compromise scam

Crypto Scam, Executive Fraud business email compromise scam

Malicious NPM Packages Target PayPal Users to Steal Sensitive Data

Do Son April 14, 2025

A recent report from FortiGuard Labs has uncovered a series of malicious NPM packages designed to steal...

Malware on npm “Patches” Local Packages with Reverse Shell npm reverse shell

npm reverse shell

Malware on npm “Patches” Local Packages with Reverse Shell

Do Son March 28, 2025

A recent report by ReversingLabs (RL) has uncovered malicious packages on the npm repository that employ sophisticated...

North Korean APT Lazarus Uses Malicious npm Package to Target Developers

North Korean APT Lazarus

North Korean APT Lazarus Uses Malicious npm Package to Target Developers

Do Son February 2, 2025

Cybersecurity researchers at Socket have uncovered a new supply chain attack orchestrated by Lazarus Group, the notorious...