A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be ...
APT24 and Autumn Dragon launch multi-year espionage campaigns using BADAUDIO, supply chain attacks, and new CVE-2025-8088 ...
Cybersecurity researchers have discovered a malicious npm package named "@acitons/artifact" that typosquats the legitimate " ...
TamperedChef malware exploits fake installers with signed certificates to infiltrate healthcare, construction and ...
Finding a product that is versatile enough to meet the unique needs of multiple construction disciplines and companies is ...
Cryptopolitan on MSN
7 npm packages caught hiding crypto scams
Cybersecurity researchers have revealed a set of seven npm packages published by a single threat actor. These packages use a ...
The GlassWorm malware campaign, which impacted the OpenVSX and Visual Studio Code marketplaces last month, has returned with ...
Seraphic, the leader in enterprise browser security (SEB) and AI enablement, today announced native protection for Electron-based applications such as ChatGPT desktop, Teams, Slack, and more, becoming ...
Supply chain issues and rising material costs have hit the construction industry hard, leading to project delays, ...
In the new campaign, Gootloader was most likely leveraged by a group known as Storm-0494, as well as its downstream operator, Vanilla Tempest (also known as Vice Society), a ransomware group first ...
Threat actors are weaponizing trusted software certificates to deliver stealthy malware and compromise enterprise networks ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback