npm
-
New ‘OtterCookie’ Malware Attacking Software Developers Via Fake Job Offers
Palo Alto Networks reported the Contagious Interview campaign in November 2023, a financially motivated attack targeting various organizations, unlike typical…
Read More » -
Node.js systeminformation Package Vulnerability Exposes Millions of Systems to RCE Attacks
A critical command injection vulnerability in the popular systeminformation npm package has recently been disclosed, exposing millions of systems to potential remote…
Read More » -
Skuld Malware Using Weaponized Windows Utilities Packages To Deliver Malware
Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer through malicious packages disguised as legitimate…
Read More »