A newly-discovered malicious package with layers of obfuscation is disguised as a utility library, with malware essentially ...
A malicious npm package named Fezbox has been found using an unusual technique to conceal harmful code. The package employs a ...
Newly discovered npm package 'fezbox' employs QR codes to hide a second-stage payload to steal cookies from a user's web browser. The package, masquerading as a utility library, leverages this ...
An infostealer particularly focused on stealing cryptocurrency wallet data from macOS, Windows and Linux users has been ...
GitHub enforces FIDO 2FA and seven-day token limits after Shai-Hulud npm attack to boost supply chain security.
ComicForm phishing since April 2025 targets Belarus, Kazakhstan, Russia using Formbook malware, evading Microsoft Defender.
A cryptocurrency thief got into the npm account of a hard-working developer via spearphishing. node.js packages with billions of downloads are affected.
A rare in-the-wild FileFix campaign has been observed by cybersecurity researchers, which hides a second-stage PowerShell ...
Mohammedia – A new malware strain named ModStealer has emerged, posing a significant threat to cryptocurrency users. This ...
A hacker laced 18 popular npm packages with cryptocurrency stealing malware after socially engineering the developer into ...
After warning 9to5Mac last month about undetectable Mac malware hidden in a fake PDF converter site, Mosyle, a leader ...
A new cross-platform malware named “ModStealer” actively targets crypto wallets while remaining undetected by major antivirus ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback