Attackers Hijack Red Hat npm Scope to Steal Cloud Secrets
Attackers backdoored 32 packages in Red Hat's official npm scope to steal cloud and CI secrets
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Attackers backdoored 32 packages in Red Hat's official npm scope to steal cloud and CI secrets
Malicious npm packages spread via worm-like propagation and steal developer credentials
Ghost npm campaign fakes install logs to steal sudo passwords and drop RATs that loot crypto and data
Malicious npm package Fezbox uses QR codes to steal credentials from browser cookies
A secret-stealing worm is spreading fast across the npm ecosystem, experts have warned
A software supply chain attack targeting Nx marks the first known case where attackers have leveraged developer AI assistants, according to StepSecurity
SecurityScorecard has uncovered a sophisticated campaign linked to North Korea’s Lazarus Group, distributing crypto-stealing malware
A new supply chain attack targets Ethereum tools, exploiting npm packages to steal sensitive data
Kaspersky claims malware also steals card data
GitHub says npm is among the organizations affected