News

The Hacker News3d
Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto
VS Code extensions deployed sandbox-evasive malware to steal system data, developer credentials, and crypto wallets.
CSO Online2d
Hackers drop 60 npm bombs in less than two weeks to recon dev machines
All malicious npm packages carried identical payloads for snooping sensitive network information from developers’ systems.
Developer Tech6d
60 malicious npm packages caught mapping developer networks
The npm registry is once again in the spotlight, this time battling a malware campaign using malicious packages to map ...
SecurityWeek2d
Ongoing Campaign Uses 60 NPM Packages to Steal Data
Security firm Socket warns flags a campaign targeting NPM users with tens of malicious packages that can hijack system information.
Windows Report6d
Malicious NPM packages are stealing data and damaging systems
Security experts at Socket’s Threat Research team, have discovered a campaign in the NPM ecosystem, which includes Malicious ...
TechRadar4d
NPM users warned dozens of malicious packages aim to steal host and network data
Cybersecurity researchers Socket have warned of multiple malicious packages hosted on NPM, stealing sensitive user data and relaying it to the attackers. In a blog post, Socket said it identified ...
Bleeping Computer6d
Dozens of malicious packages on NPM collect host and network data
60 packages have been discovered in the NPM index that attempt to collect sensitive host and network data and send it to a Discord webhook controlled by the threat actor. According to Socket’s ...