Typosquatting Archives • Page 2 of 3 • Daily CyberSecurity

Stealth Supply Chain Attack: Malicious Rust Crate Used Unpinned Dependency for Silent Payload Upgrades Rust Typosquatting, Unpinned Dependency Attack

Rust Typosquatting, Unpinned Dependency Attack

Stealth Supply Chain Attack: Malicious Rust Crate Used Unpinned Dependency for Silent Payload Upgrades

Do Son December 8, 2025

A popular bioinformatics tool became the latest lure in a software supply chain attack, as threat actors...

North Korea’s “Contagious Interview” Floods npm with 200 New Packages, Using Fake Crypto Jobs to Deploy OtterCookie Spyware BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

North Korea’s “Contagious Interview” Floods npm with 200 New Packages, Using Fake Crypto Jobs to Deploy OtterCookie Spyware

Do Son December 1, 2025

A relentless state-sponsored campaign by North Korean threat actors is aggressively targeting blockchain and Web3 developers by...

PyPI Typosquat Delivers Multi-Layer Python RAT, Bypassing Scanners with XOR Encryption PyPI supply chain attack Socket malware detection PyPI Typosquat, Python RAT

PyPI supply chain attack Socket malware detection PyPI Typosquat, Python RAT

PyPI Typosquat Delivers Multi-Layer Python RAT, Bypassing Scanners with XOR Encryption

Do Son November 24, 2025

HelixGuard researchers have uncovered a malicious Python package uploaded to PyPI that impersonates the widely used “pyspellchecker”...

Unit 42 Uncovers Two Massive Global Malware Campaigns Delivering Gh0st RAT Through Large-Scale Software Impersonation Gh0st RAT, Chinese Campaign Typosquat

Unit 42 Uncovers Two Massive Global Malware Campaigns Delivering Gh0st RAT Through Large-Scale Software Impersonation

Do Son November 18, 2025

Researchers at Palo Alto Networks Unit 42 have uncovered two expansive and interconnected malware campaigns active throughout...

Vidar Infostealer Hits npm for the First Time via 17 Typosquatted Packages and Postinstall Scripts Vidar npm Supply Chain, Typosquatting

Vidar Infostealer Hits npm for the First Time via 17 Typosquatted Packages and Postinstall Scripts

Do Son November 10, 2025

Researchers at Datadog Security Research have uncovered a major supply-chain compromise in the npm ecosystem involving 17...

npm Typosquat Campaign: 10 Malicious Packages Deliver PyInstaller Infostealer via Fake CAPTCHA npm Typosquatting, PyInstaller Stealer

npm Typosquat Campaign: 10 Malicious Packages Deliver PyInstaller Infostealer via Fake CAPTCHA

Do Son October 30, 2025

The Socket Threat Research Team has uncovered an extensive supply chain attack targeting the npm ecosystem, involving...

Smishing Triad Uncovered: 194,000+ Malicious Domains Power Global Phishing-as-a-Service Campaign

Do Son October 27, 2025

Researchers from Palo Alto Networks’ Unit 42 have uncovered a massive, fast-evolving smishing campaign tied to a...

Socket Uncovers Malicious NuGet Typosquat “Netherеum.All” Exfiltrating Wallet Keys via Solana-Themed C2 NuGet Typosquat, Homoglyph Attack

Socket Uncovers Malicious NuGet Typosquat “Netherеum.All” Exfiltrating Wallet Keys via Solana-Themed C2

Do Son October 23, 2025

Researchers from Socket’s Threat Research Team have uncovered an active homoglyph typosquat on NuGet impersonating the widely...

North Korean APT “Contagious Interview” Floods npm Registry with 338 Malicious Packages to Steal Crypto North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean APT “Contagious Interview” Floods npm Registry with 338 Malicious Packages to Steal Crypto

Do Son October 11, 2025

The Socket Threat Research Team has sounded the alarm on an escalating wave of malicious npm activity...

Supply Chain Attack: Malicious Rust Crates Steal Solana and Ethereum Private Keys Rust Crypto Stealer, Typosquatting Attack

Supply Chain Attack: Malicious Rust Crates Steal Solana and Ethereum Private Keys

Do Son September 26, 2025

Socket’s Threat Research Team has uncovered a supply chain attack involving two malicious Rust crates—faster_log and async_println—that...

RubyGems Under Attack: 60 Malicious Packages Found Stealing Credentials from Grey-Hat Marketers Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

RubyGems Under Attack: 60 Malicious Packages Found Stealing Credentials from Grey-Hat Marketers

Do Son August 8, 2025

Socket’s Threat Research Team has revealed a long-running supply chain attack in the RubyGems ecosystem, where a...

GitLab Exposes a Clever Crypto Scam: Malicious PyPI Packages Hijack Bittensor Staking Bittensor Typosquatting, Crypto Scam

GitLab Exposes a Clever Crypto Scam: Malicious PyPI Packages Hijack Bittensor Staking

Do Son August 8, 2025

GitLab’s Vulnerability Research team has exposed a sophisticated cryptocurrency theft campaign targeting the Bittensor decentralized AI network...

The Malicious Go Modules: 11 Malicious Go Packages Found on GitHub Deploying Stealthy Malware Go Malware, Supply Chain Attack

The Malicious Go Modules: 11 Malicious Go Packages Found on GitHub Deploying Stealthy Malware

Do Son August 8, 2025

Socket’s Threat Research Team has uncovered an alarming wave of malicious Go packages—some still live on GitHub—designed...

Major npm Supply Chain Attack: Phishing Campaign Steals Maintainer Credentials, Injects Malware into Popular Packages npm Phishing, Supply Chain Attack

Major npm Supply Chain Attack: Phishing Campaign Steals Maintainer Credentials, Injects Malware into Popular Packages

Do Son July 19, 2025

A deceptive and highly targeted phishing campaign has successfully compromised several popular npm packages, including eslint-config-prettier, eslint-plugin-prettier,...

Fake Free VPN & Minecraft Mod Repositories Deliver Lumma Stealer GitHub Malware, Supply Chain Attack

Fake Free VPN & Minecraft Mod Repositories Deliver Lumma Stealer

Do Son July 14, 2025

Cybercriminals are once again exploiting the trust users place in popular platforms like GitHub to spread sophisticated...

VS Code ETHcode Extension Hacked: Just 2 Lines of Code Led to Supply Chain Compromise Via GitHub PR

Do Son July 9, 2025

Researchers at ReversingLabs (RL) have uncovered a supply chain compromise of the popular ETHcode extension for Visual...

North Korean APT Launches Massive npm Supply Chain Attack: Typosquatting & Fake Jobs Steal Crypto from Devs npm Supply Chain Attack, North Korean APT

npm Supply Chain Attack, North Korean APT

North Korean APT Launches Massive npm Supply Chain Attack: Typosquatting & Fake Jobs Steal Crypto from Devs

Do Son June 26, 2025

In a detailed expose, the Socket Threat Research Team has uncovered an ongoing and highly targeted supply...

Alert: Malicious Python Package “psslib” Typosquats passlib, Shuts Down Windows Systems Python Malware, Typosquatting

Alert: Malicious Python Package “psslib” Typosquats passlib, Shuts Down Windows Systems

Do Son June 26, 2025

Socket’s Threat Research Team has uncovered a malicious Python package named psslib designed to abruptly shut down...

Clickfix Meets macOS: AMOS Variant Targets Spectrum Users in Credential Harvesting Campaign AMOS Stealer, macOS Malware

Clickfix Meets macOS: AMOS Variant Targets Spectrum Users in Credential Harvesting Campaign

Do Son June 6, 2025

Researchers at CloudSEK have uncovered a new variant of the Atomic macOS Stealer (AMOS) targeting macOS users...

Alert: Malicious RubyGems Impersonate Fastlane Plugins, Steal CI/CD Data

Do Son June 4, 2025

Socket’s Threat Research Team has uncovered a targeted supply chain attack leveraging malicious RubyGems impersonating Fastlane plugins....

Critical Alert 3 Active Exploits Detected Today

Critical Alert

Typosquatting

Stealth Supply Chain Attack: Malicious Rust Crate Used Unpinned Dependency for Silent Payload Upgrades

North Korea’s “Contagious Interview” Floods npm with 200 New Packages, Using Fake Crypto Jobs to Deploy OtterCookie Spyware

PyPI Typosquat Delivers Multi-Layer Python RAT, Bypassing Scanners with XOR Encryption

Unit 42 Uncovers Two Massive Global Malware Campaigns Delivering Gh0st RAT Through Large-Scale Software Impersonation

Vidar Infostealer Hits npm for the First Time via 17 Typosquatted Packages and Postinstall Scripts

npm Typosquat Campaign: 10 Malicious Packages Deliver PyInstaller Infostealer via Fake CAPTCHA

Smishing Triad Uncovered: 194,000+ Malicious Domains Power Global Phishing-as-a-Service Campaign

Socket Uncovers Malicious NuGet Typosquat “Netherеum.All” Exfiltrating Wallet Keys via Solana-Themed C2

North Korean APT “Contagious Interview” Floods npm Registry with 338 Malicious Packages to Steal Crypto

Supply Chain Attack: Malicious Rust Crates Steal Solana and Ethereum Private Keys

RubyGems Under Attack: 60 Malicious Packages Found Stealing Credentials from Grey-Hat Marketers

GitLab Exposes a Clever Crypto Scam: Malicious PyPI Packages Hijack Bittensor Staking

The Malicious Go Modules: 11 Malicious Go Packages Found on GitHub Deploying Stealthy Malware

Major npm Supply Chain Attack: Phishing Campaign Steals Maintainer Credentials, Injects Malware into Popular Packages

VS Code ETHcode Extension Hacked: Just 2 Lines of Code Led to Supply Chain Compromise Via GitHub PR

Alert: Malicious Python Package “psslib” Typosquats passlib, Shuts Down Windows Systems

Alert: Malicious RubyGems Impersonate Fastlane Plugins, Steal CI/CD Data