North Korean threat actors linked to the Contagious Interview campaign have published 108 unique malicious packages and browser extensions across npm, Packagist,…
Cybersecurity researchers have uncovered two hijacked npm packages and a cluster of Go packages designed to deploy a Python-based information stealer on…
A cluster of malicious packages that use fake .woff2 font files to conceal JavaScript payloads. Tactically overlaps with TaskJacker and PolinRider, using…
Miasma is a malware family associated with the Mini Shai-Hulud and Hades variants, targeting developer ecosystems through npm packages and GitHub Actions.…