SupplyChainAttack Archives • Information Security News

150,000 Package Flood: Amazon Uncovers Massive Token-Farming Attack on npm Registry PhantomVAI malware loader npm Token Farming SesameOp Malware Flyoobe Malware FlipSwitch Rootkit fezbox Malware ModStealer Malware NightshadeC2 OldGremlin AI ransomware LummaStealer Qilin, ransomware-as-a-service Human Cybersecurity Ransomware ACRStealer Interlock Ransomware OVERSTEP Rootkit Malduck WordPress Malware

PhantomVAI malware loader npm Token Farming SesameOp Malware Flyoobe Malware FlipSwitch Rootkit fezbox Malware ModStealer Malware NightshadeC2 OldGremlin AI ransomware LummaStealer Qilin, ransomware-as-a-service Human Cybersecurity Ransomware ACRStealer Interlock Ransomware OVERSTEP Rootkit Malduck WordPress Malware

150,000 Package Flood: Amazon Uncovers Massive Token-Farming Attack on npm Registry

ddos November 18, 2025

One of the largest supply-chain attacks ever recorded in the npm ecosystem has been uncovered, marking a...

Uhale Digital Photo Frames Ship with Root Access and Download Hidden Malware Uhale Photo Frame Malware

Uhale Digital Photo Frames Ship with Root Access and Download Hidden Malware

ddos November 17, 2025

A serious issue has been uncovered in the digital photo-frame market: Android-based devices sold under the Uhale...

The IndonesianFoods Worm: 67,000 Fake npm Packages Flood Registry to Farm Crypto Rewards PhantomVAI malware loader npm Token Farming SesameOp Malware Flyoobe Malware FlipSwitch Rootkit fezbox Malware ModStealer Malware NightshadeC2 OldGremlin AI ransomware LummaStealer Qilin, ransomware-as-a-service Human Cybersecurity Ransomware ACRStealer Interlock Ransomware OVERSTEP Rootkit Malduck WordPress Malware

The IndonesianFoods Worm: 67,000 Fake npm Packages Flood Registry to Farm Crypto Rewards

ddos November 14, 2025

The appearance of tens of thousands of fictitious packages in the npm ecosystem has unexpectedly evolved into...

2027 Time Bomb: Covert NuGet Packages Target SQL and PLCs with Scheduled Sabotage North Korea IT Worker Fraud Checkout.com ShinyHunters JLR Cyberattack GDP AI Cybercrime 2026 NuGet Sabotage Code CBO Cyberattack ZeroAccess Botnet Nuclear security Aisuru DDoS Record JLR Production Halt Zero-Day Exploitation Co-op Cyberattack RaidForums Extradition Vastaamo hacking Kaspersky report North Korean hackers Saint Paul Cyberattack NHS Cyberattack Russian APT Cloudflare Breached

North Korea IT Worker Fraud Checkout.com ShinyHunters JLR Cyberattack GDP AI Cybercrime 2026 NuGet Sabotage Code CBO Cyberattack ZeroAccess Botnet Nuclear security Aisuru DDoS Record JLR Production Halt Zero-Day Exploitation Co-op Cyberattack RaidForums Extradition Vastaamo hacking Kaspersky report North Korean hackers Saint Paul Cyberattack NHS Cyberattack Russian APT Cloudflare Breached

2027 Time Bomb: Covert NuGet Packages Target SQL and PLCs with Scheduled Sabotage

ddos November 10, 2025

Researchers discovered several NuGet packages in the public registry that conceal covert sabotage code scheduled to activate...

SupplyChainAttack

150,000 Package Flood: Amazon Uncovers Massive Token-Farming Attack on npm Registry

Uhale Digital Photo Frames Ship with Root Access and Download Hidden Malware

The IndonesianFoods Worm: 67,000 Fake npm Packages Flood Registry to Farm Crypto Rewards

2027 Time Bomb: Covert NuGet Packages Target SQL and PLCs with Scheduled Sabotage

You may have missed

The War for Your Documents: Why The Document Foundation is Challenging Microsoft’s OOXML Monopoly

Urgent Patch: Microsoft Defender Update Fixes Critical SYSTEM-Level Privilege Escalation Flaw

The Pre-Boot Breach: Microsoft Releases Critical Emergency Script to Defend Against “YellowKey” BitLocker Bypass

The Reddit Clone: Meta Secretly Launches “Forum” App to Unbundle Facebook Groups