Node.js Foundation fixed two critical vulnerabilities in its open source server-side JavaScript platform and addressed the newly patched OpenSSL As promised, the Node.js Foundation updated all ...
A cryptocurrency thief got into the npm account of a hard-working developer via spearphishing. node.js packages with billions ...
Halud, is compromising hundreds of NPM packages, spreading self-replicating malware, exfiltrating data, and turning private ...
It is possible that the attackers behind this attack are the same ones as last time. Their malicious code bears the name of a prominent science fiction monster.
Node.js has released updates for a high severity vulnerability that could be exploited by attackers to corrupt the process and cause unexpected behaviors, such as application crashes and potentially ...
Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...
The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel series — because it publishes any stolen credentials in a new public GitHub ...
According to ReversingLabs' 2025 Software Supply Chain Security Report, 14 of the 23 crypto-related malicious campaigns in ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback