PhantomRaven Attack: New Malware Steals CI/CD Secrets via AI Slopsquatting on npm
The ongoing PhantomRaven campaign has targeted developers via the npm registry, disseminating dozens of malicious packages across the ecosystem in a short span. Embedded within these packages, malicious code harvests authentication tokens, CI/CD secrets,...
