Malicious jscrambler 8.14.0 runs hidden binaries during npm install on Windows, macOS, and Linux, with no fix available as of ...
JFrog finds 148 npm proxy packages turned student browsers into a DDoS botnet, while a mutable loader lets operators re-arm ...
Malicious Jscrambler NPM package versions distributed a cross-platform credential stealer in a new supply chain attack.
Upwind traces multiple compromised AsyncAPI npm packages to a coordinated supply chain attack targeting software release pipelines and publishing identities.
Security researchers caught hackers trying to plant a backdoor inside the Injective npm package — a widely used tool in ...
Socket found a compromised Injective npm package stealing wallet keys amid rising crypto supply chain attacks.
Malicious packages on the Node Package Manager (npm) and the Python Package Index (PyPI) delivered stealer malware to ...
Hackers compromised the Injective Labs SDK project's GitHub repository and used it to publish a malicious package on the Node ...
Crypto scams are becoming increasingly prevalent, drawing widespread attention. In fact, more than three breaches occurred in ...
Software supply chain attacks have become more common, with attackers increasingly targeting trusted developer tools instead ...
According to Socket, malicious payment SDK packages on npm and PyPI are harvesting developer credentials and CI/CD ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results