packages
-
Malicious npm Packages Found Using Image Files to Hide Backdoor Code
Jul 16, 2024NewsroomOpen Source / Software Supply Chain Cybersecurity researchers have identified two malicious packages on the npm package registry…
Read More » -
Critical Flaws in CocoaPods Expose iOS and macOS Apps to Supply Chain Attacks
Jul 01, 2024NewsroomSupply Chain / Software Security A trio of security flaws has been uncovered in the CocoaPods dependency manager…
Read More » -
Grandoreiro Banking Trojan Hits Brazil as Smishing Scams Surge in Pakistan
Jun 15, 2024Newsroom Pakistan has become the latest target of a threat actor called the Smishing Triad, marking the first…
Read More » -
Bogus npm Packages Used to Trick Software Developers into Installing Malware
An ongoing social engineering campaign is targeting software developers with bogus npm packages under the guise of a job interview…
Read More » -
Over 800 npm Packages Found with Discrepancies, 18 Exploitable to ‘Manifest Confusion’
New research has discovered over 800 packages in the npm registry which have discrepancies from their registry entries, out of…
Read More » -
Watch Out: These PyPI Python Packages Can Drain Your Crypto Wallets
Threat hunters have discovered a set of seven packages on the Python Package Index (PyPI) repository that are designed to…
Read More » -
Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems
The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the…
Read More » -
North Korean Hackers Targeting Developers with Malicious npm Packages
A set of fake npm packages discovered on the Node.js repository has been found to share ties with North Korean…
Read More » -
New Malicious PyPI Packages Caught Using Covert Side-Loading Tactics
Cybersecurity researchers have discovered two malicious packages on the Python Package Index (PyPI) repository that were found leveraging a technique…
Read More »