thumbnail Malicious NPM Packages Exfiltrate Hundreds of Developer SSH Keys via GitHub
thumbnail Dozens of npm Packages Caught Attempting to Deploy Reverse Shell
thumbnail Developers Warned of Malicious PyPI, NPM, Ruby Packages Targeting Macs - SecurityWeek
thumbnail Nascent Malware Campaign Targets npm, PyPI, and RubyGems Developers
thumbnail An Ongoing Open Source Attack Reveals Roots Dating Back To 2021
thumbnail Fake Roblox packages target npm with Luna Grabber information-stealing malware
thumbnail Operation Brainleeches: Malicious npm packages fuel supply chain and phishing attacks
thumbnail Hijacking S3 Buckets: New Attack Technique
thumbnail Who Broke NPM?: Malicious Packages Flood Leading to Denial of Service
thumbnail Phylum Detects Ongoing Typosquat/Ransomware Campaign in PyPI and NPM
thumbnail Threat Alert: Private npm Packages Disclosed via Timing Attacks
thumbnail Software Supply Chain Attackers; Organized, Persistent, and Operating for over a Year
thumbnail npm Supply Chain Attack Targeting Germany-Based Companies
thumbnail Sabotage: Code added to popular NPM package wiped files in Russia and Belarus | Ars Technica