Researchers expose Discord webhook C2 in npm, PyPI, RubyGems; North Korean actors published 338 malicious npm packages with ...
A new and ongoing supply-chain attack is targeting developers on the OpenVSX and Microsoft Visual Studio marketplaces with ...
First steps were taken a few days ago, and more are to follow. Users and developers in the NPM ecosystem must act in the ...
North Korean hackers used fake recruiter lures and npm packages to target crypto developers in a large-scale supply-chain ...
Google reports North Korean hackers using EtherHiding to embed adaptive malware in blockchain smart contracts.
At the upcoming Lived! 360 Orlando 2025 conference, Tim Purdum, Engineering Manager and Senior Software Engineer at dymaptic, ...
Sonatype, a provider of AI-centric DevSecOps, this week released the Open Source Malware Index, Q3 2025, which analyzed ...
The North Korean threat actor behind the Contagious Interview campaign has started combining features from two of its malware ...
North Korean threat group Famous Chollima is using blockchain technology to hide malware payloads in smart contracts, which ...
JADESNOW uses EtherHiding to fetch, decrypt, and execute malicious payloads from smart contracts on the BNB Smart Chain and ...
There isn’t a consistent threat model for extension marketplaces yet, McCarthy said, making it difficult for any platform to ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback