npm

Malicious NPM Packages Target PayPal Users to Steal Sensitive Data

• Malware

Malicious NPM Packages Target PayPal Users to Steal Sensitive Data

Do Son April 14, 2025 0

A recent report from FortiGuard Labs has uncovered a series of malicious NPM packages designed to steal...

Read More Read more about Malicious NPM Packages Target PayPal Users to Steal Sensitive Data

Malware on npm “Patches” Local Packages with Reverse Shell

• Malware

Malware on npm “Patches” Local Packages with Reverse Shell

Do Son March 28, 2025 0

A recent report by ReversingLabs (RL) has uncovered malicious packages on the npm repository that employ sophisticated...

Read More Read more about Malware on npm “Patches” Local Packages with Reverse Shell

North Korean APT Lazarus Uses Malicious npm Package to Target Developers

• Malware

North Korean APT Lazarus Uses Malicious npm Package to Target Developers

Do Son February 2, 2025 0

Cybersecurity researchers at Socket have uncovered a new supply chain attack orchestrated by Lazarus Group, the notorious...

Read More Read more about North Korean APT Lazarus Uses Malicious npm Package to Target Developers

Malicious Packages Weaponize OAST for Stealthy Data Exfiltration and Reconnaissance

• Cyber Security
• Malware

Malicious Packages Weaponize OAST for Stealthy Data Exfiltration and Reconnaissance

Do Son January 5, 2025 0

Researchers at Socket have uncovered a series of malicious campaigns exploiting Out-of-Band Application Security Testing (OAST) techniques....

Read More Read more about Malicious Packages Weaponize OAST for Stealthy Data Exfiltration and Reconnaissance

Beware of Malicious Extensions: Researcher Exposes VSCode Marketplace Threats

• Malware

Beware of Malicious Extensions: Researcher Exposes VSCode Marketplace Threats

Do Son December 19, 2024 0

Researchers from ReversingLabs have highlighted a malicious campaign that bridges two critical ecosystems: Visual Studio Code (VSCode)...

Read More Read more about Beware of Malicious Extensions: Researcher Exposes VSCode Marketplace Threats

Malicious npm Packages Threaten Crypto Developers: Keylogging and Wallet Theft Revealed

• Malware

Malicious npm Packages Threaten Crypto Developers: Keylogging and Wallet Theft Revealed

Do Son November 28, 2024 0

Researchers at Socket have uncovered a malicious campaign targeting crypto developers. The attacker, operating under the pseudonym...

Read More Read more about Malicious npm Packages Threaten Crypto Developers: Keylogging and Wallet Theft Revealed

“Command-Jacking”: New Supply Chain Attack Hijacks CLI Tools

• Vulnerability

“Command-Jacking”: New Supply Chain Attack Hijacks CLI Tools

Do Son October 15, 2024 0

In a report by Yehuda Gelb and Elad Rapoport from the Checkmarx Security Research Team, a new...

Read More Read more about “Command-Jacking”: New Supply Chain Attack Hijacks CLI Tools

npm’s Hidden Threat: The Covert Trojan Lurking in Your Windows System

• Malware

npm’s Hidden Threat: The Covert Trojan Lurking in Your Windows System

Do Son January 21, 2024 0

Recently, the Phylum team’s automated risk detection platform uncovered a suspicious publication on npm, a popular package...

Read More Read more about npm’s Hidden Threat: The Covert Trojan Lurking in Your Windows System

SentinelOne Unveils: The Hidden Dangers of npm in Business Security

• Malware

SentinelOne Unveils: The Hidden Dangers of npm in Business Security

Do Son January 8, 2024 0

In the rapidly evolving digital landscape, software development has become a battleground, with npm (Node Package Manager)...

Read More Read more about SentinelOne Unveils: The Hidden Dangers of npm in Business Security

Major npm flaw crashes Linux Systems, force users to reinstall

• Vulnerability

Major npm flaw crashes Linux Systems, force users to reinstall

Do Son February 24, 2018

According to the npm bug report on GitHub, npm user Crunkle noted that npm 5.7.0 completely corrupted...

Read More Read more about Major npm flaw crashes Linux Systems, force users to reinstall