Lazarus Group concealed a four-module remote access toolkit inside six fake npm Rollup polyfill packages that fired at import ...
Malicious npm packages mimicking Rollup polyfill tooling steal browser data, crypto wallets, and AI tool credentials in a Lazarus-linked campaign.
JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
Some of the software building blocks shipped under Red Hat’s name spent a stretch of time quietly working against the people who installed them. Hidden inside more than 30 packages in the company’s ...
An industry effort involving CrowdStrike, Google and the Shadowserver Foundation has led to the disruption of the Glassworm botnet. Working together, the three organizations managed to simultaneously ...
GitHub shipped the developer security industry's most-requested registry control on May 22, 2026: staged publishing, now generally available for all npm packages. The feature inserts a mandatory ...
GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS Code extension, compromised in last week's TanStack npm supply-chain attack.
How do we fix code fast when the bug reports arrive faster? Multi-agent orchestration tools like Squad may be the answer. At Kubecon Europe recently, Linux kernel maintainer Greg Kroah-Hartman said ...
The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that's distributed via malicious ...
Bitdefender researchers have discovered a malicious Windsurf IDE (integrated development environment) extension that deploys a multi-stage NodeJS stealer by using the Solana blockchain as the payload ...
Next.js developers are once again in the crosshairs as hackers seed malicious repositories disguised as legitimate projects, according to Microsoft, which said a limited set of those repos were ...