pull down to refresh

PhantomRaven: NPM Malware Hidden in Invisible Dependencieswww.koi.ai/blog/phantomraven-npm-malware-hidden-in-invisible-dependencies
389 sats \ 2 comments \ @kepford 30 Oct 2025 security
related
Multiple redhat-cloud-services npm Packages compromised - StepSecuritywww.stepsecurity.io/blog/multiple-redhat-cloud-services-npm-packages-compromised
776 sats \ 1 comment \ @winteryeti 2 Jun tech
'Sha1-Hulud' npm malware is back
377 sats \ 0 comments \ @anon 28 Nov 2025 lightning
🚨 CRITICAL: supply chain attack on axios
1626 sats \ 8 comments \ @justin_shocknet 31 Mar devs
We Just Found Malicious Code in the Popular NPM Packagejdstaerk.substack.com/p/we-just-found-malicious-code-in-the
1497 sats \ 18 comments \ @kristapsk 8 Sep 2025 security
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaignthehackernews.com/2026/04/bitwarden-cli-compromised-in-ongoing.html
1134 sats \ 5 comments \ @Scoresby 23 Apr tech devs
TanStack NPM Packages Compromisedgithub.com/TanStack/router/issues/7383
1054 sats \ 7 comments \ @hn 11 May tech
Wallet-stealer malware on macOS: here’s what I built to solve itwww.getshieldkey.com
24.9k sats \ 12 comments \ @panicsell 21 May 2025 privacy
Compromised npm package silently installs OpenClaw on developer machineswww.csoonline.com/article/4135449/compromised-npm-package-silently-installs-openclaw-on-developer-machines.html
422 sats \ 4 comments \ @winteryeti 24 Feb AI
NPM security: preventing supply chain attacks | Snyk (2022)snyk.io/blog/npm-security-preventing-supply-chain-attacks/
517 sats \ 20 comments \ @ek 9 Sep 2025 security
A Hacker ‘Ghost’ Network Is Quietly Spreading Malware on GitHubwww.wired.com/story/github-malware-spreading-network-stargazer-goblin/
293 sats \ 2 comments \ @1GLENCoop 26 Jul 2024 security
ECONNREFUSED for `npm install -g pnpm`. help?
259 sats \ 5 comments \ @deSign_r 24 Oct 2024 devs
Tinycolor npm Package Compromised in (another) Supply Chain Attacksocket.dev/blog/tinycolor-supply-chain-attack-affects-40-packages
1053 sats \ 3 comments \ @aljaz 16 Sep 2025 security
The Silent, Fileless Threat of VShellwww.trellix.com/blogs/research/the-silent-fileless-threat-of-vshell/
340 sats \ 1 comment \ @optimism 25 Aug 2025 security
NPM debug and chalk packages compromisedwww.aikido.dev/blog/npm-debug-and-chalk-packages-compromised
263 sats \ 0 comments \ @hn 8 Sep 2025 tech
Newly discovered Linux malware specializes in stealth and Monero miningwww.bleepingcomputer.com/news/security/linux-malware-perfctl-behind-years-long-cryptomining-campaign/
366 sats \ 0 comments \ @dontforgetthekeys 4 Oct 2024 security
🧵 Widespread malware attack on GitHubnitter.it/stephenlacy/status/1554697077430505473
315 sats \ 14 comments \ @cryptocoin 3 Aug 2022 bitcoin
Npm Run Hack:Me - A Supply Chain Attack Journeyrxj.dev/posts/npm-run-hack-supply-chain-attack-journey/
661 sats \ 1 comment \ @k00b 12 Mar 2025 devs
The importance of minimizing dependencies in Bitcoin Corebrink.dev/blog/2025/09/19/minimizing-dependencies/
4327 sats \ 8 comments \ @schmidty 19 Sep 2025 bitcoin
DPRK Adopts EtherHiding: Nation-State Malware Hiding on Blockchainscloud.google.com/blog/topics/threat-intelligence/dprk-adopts-etherhiding/
200 sats \ 0 comments \ @0xbitcoiner 16 Oct 2025 security
Password-stealing Linux malware served for 3 years and no one noticedarstechnica.com/security/2023/09/password-stealing-linux-malware-served-for-3-years-and-no-one-noticed/
757 sats \ 0 comments \ @kristapsk 13 Sep 2023 tech
LiteLLM infected with credential-stealing code via Trivywww.theregister.com/2026/03/24/trivy_compromise_litellm/
503 sats \ 3 comments \ @0xbitcoiner 25 Mar AI