JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Cloudflare Inc. today said it has acquired VoidZero Inc., the open-source company behind Vite and the widely used JavaScript build tools that surround it, in a move to position its developer platform ...
Recently, npm, the essential package manager used by developers worldwide, suffered a massive supply chain attack. This ...
A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...
Mastra npm packages added easy-day-js malware, exposing developer systems and CI runners to infostealer risks.
Microsoft says it has detected new self-propagating malware that spreads through USB drives in search of cryptocurrency ...
Researchers at Cyera found six vulnerabilities in prtobuf.js, including a flaw that can turn attacker-controlled schema data ...
From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet
A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Cloudflare, Inc. (NYSE: NET), the leading connectivity cloud company, today announced it has acquired VoidZero, the open source-first company behind the next-generation JavaScript tooling ecosystem ...
Microsoft has identified Crypto Clipper, a self-propagating malware that spreads via USB drives, stealing cryptocurrency ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results