Cybersecurity researchers have discovered a malicious npm package named "@acitons/artifact" that typosquats the legitimate " ...
Ten malicious packages mimicking legitimate software projects in the npm registry download an information-stealing component ...
The security research team at JFrog, a provider of a platform for building and deploying software, have discovered a critical vulnerability in a node ...
Researchers say the malware was in the repository for two weeks, advise precautions to defend against malicious packages.
Recently, security researchers Socket found 10 packages on npm targeting software developers, specifically those who use the ...
The bug exposes the Metro development server to remote attacks, allowing arbitrary OS command execution on developer systems ...
An advanced malware campaign on the npm registry steals the very keys that control enterprise cloud infrastructure.
Ten typosquatted npm packages (Jul 4, 2025) delivered a 24MB PyInstaller info stealer using 4 obfuscation layers; ~9,900 ...
The typosquatted packages auto-execute on installation, fingerprint victims by IP, and deploy a PyInstaller binary to harvest ...
Atroposia malware kit lowers the bar for cybercrime — and raises the stakes for enterprise defenders
Researchers have discovered an inexpensive, full-featured malware-as-a-service kit combining vulnerability scanning, covert ...
Here’s how you can download the new battle royale Battlefield RedSec for free, whether you’re playing on PC, PS5, and Xbox.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback