An active campaign named 'PhantomRaven' is targeting developers with dozens of malicious npm packages that steal ...
For the past four months, over 130 malicious NPM packages deploying information stealers have been collectively downloaded ...
The ongoing ‘PhantomRaven’ malicious campaign has infected 126 npm packages to date, representing 86,000 downloads ...
Researchers outline how the PhantomRaven campaign exploits hole in npm to enable software supply chain attacks.
An advanced malware campaign on the npm registry steals the very keys that control enterprise cloud infrastructure.
Cybersecurity researchers have discovered a self-propagating worm that spreads via Visual Studio Code (VS Code) extensions on the Open VSX Registry and the Microsoft Extension Marketplace, ...
Researchers say the malware was in the repository for two weeks, advise precautions to defend against malicious packages.
CISA has ordered federal agencies to patch a high-severity vulnerability in Broadcom's VMware Aria Operations and VMware ...
Software supply chain security firm JFrog has disclosed the details of a critical vulnerability affecting a popular React ...
Modern Chromebooks support installing Linux apps, meaning the Play Store isn’t the only place to download apps. This makes Chrome OS devices all the more valuable, given that they can run everything ...
Fortinet unveiled two new tools at its recent SASE Summit aimed at helping IT teams and solution providers strengthen security and streamline operations. The first, FortiAI Assist, uses generative AI ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback