Newly discovered npm package 'fezbox' employs QR codes to hide a second-stage payload to steal cookies from a user's web browser. The package, masquerading as a utility library, leverages this ...
GitHub enforces FIDO 2FA and seven-day token limits after Shai-Hulud npm attack to boost supply chain security.
Explore emerging attack methods, evolving AI-driven threats, supply chain risks, and strategies to strengthen defenses and ...
An infostealer particularly focused on stealing cryptocurrency wallet data from macOS, Windows and Linux users has been ...
On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...
A new digital supply chain attack has targeted popular open-source npm packages with at least two billion downloads per week. On Sept. 8, Josh Junon, a package maintainer whose account was at the ...
A new cross-platform malware named “ModStealer” actively targets crypto wallets while remaining undetected by major antivirus ...
The newly surfaced Salty2FA phishing kit shows attackers can sidestep multi-factor authentication by cloaking attacks in ...
An escalating npm supply chain attack has compromised dozens of foundational JavaScript packages to spread malware and drain crypto wallets.
ModStealer malware targets crypto wallets on Windows, macOS, and Linux, spreading via fake job ads and threatening digital ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback