Researchers at Arctic Wolf have reported a new campaign, dubbed GPUGate, in which adversaries exploit Google Ads and fraudulent GitHub commits to distribute malware targeting IT firms and developers across Western Europe. Active since...
The GhostAction attack stands as one of the most significant compromises of the GitHub ecosystem in recent years. Researchers at GitGuardian uncovered a sweeping campaign in which threat actors injected malicious workflow files into...
Researchers at Socket have uncovered a malicious npm package named nodejs-smtp, masquerading as the widely used nodemailer library (which averages 3.9 million weekly downloads). In reality, the package serves as a tool for covert...
Experts at ReversingLabs have uncovered a critical loophole in the VS Code Marketplace. The platform allows new extensions to be published under the same names previously used by other packages, provided those packages were...
The NPM ecosystem has been struck by a new supply chain attack, this time targeting the Nx project, into whose repository several malicious package versions were uploaded late Tuesday evening. According to researchers at...
The fast-glob library—used in thousands of public Node.js projects and in more than thirty systems of the U.S. Department of Defense—has turned out to be the work of a single developer. Online profiles indicate...
Experts at Socket have uncovered a malicious Go package named golang-random-ip-ssh-bruteforce, which masquerades as a tool for brute-forcing SSH credentials but in reality exfiltrates them to its author via Telegram. The module’s logic is...
Researchers have uncovered a new politically tinged campaign targeting the Solana blockchain ecosystem and, apparently, developers of cryptocurrency projects in Russia. Specialists at Safety, a company focused on securing software supply chains, identified a...
The developers of the Python Package Index (PyPI) have announced the introduction of a new email domain verification mechanism aimed at curbing attacks that exploit expired domains and reducing the risk of package compromise...
Cybersecurity researchers have uncovered 11 malicious Go packages designed to download additional components from remote servers and execute them on both Windows and Linux systems. According to Socket researcher Olivia Brown, during execution the...
Two malicious packages have been discovered in the NPM ecosystem, disguised as libraries for building bots and automated services using the WhatsApp Business API. Identified by researchers at Socket, these modules mimicked popular WhatsApp...
A malicious package discovered in the NPM ecosystem by researchers at Safety turned out to be far more than a simple trojan for cryptocurrency theft—it stood as a striking example of an attack orchestrated...