CSO Online

Typo hackers sneak cross-platform credential stealer into 10 npm packages

The typosquatted packages auto-execute on installation, fingerprint victims by IP, and deploy a PyInstaller binary to harvest ...
SecurityWeek

136 NPM Packages Delivering Infostealers Downloaded 100,000 Times

For the past four months, over 130 malicious NPM packages deploying information stealers have been collectively downloaded ...
CSO Online

BlueNoroff reemerges with new campaigns for crypto theft and espionage

GhostCall and GhostHire use fake investor meetings and bogus recruiter tests to deliver cross-platform malware to blockchain ...