Npm Supply Chain Malware Attack Targets Developers With Worm-Like Propagation
Malicious npm packages spread via worm-like propagation and steal developer credentials
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Malicious npm packages spread via worm-like propagation and steal developer credentials
Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware
Python package LiteLLM compromised with credential-stealing malware linked to TeamPCP threat group
Supply chain worm mimicking Shai-Hulud malware spread via malicious npm packages, targeting AI tools has been identified by security researchers
Supply chain breach in eScan antivirus distributes multi-stage malware via legitimate updates
A software supply chain attack targeting Nx marks the first known case where attackers have leveraged developer AI assistants, according to StepSecurity
Legitimate software used to deploy backdoor malware
Software supply chain attacks realize researchers' worst fears