According to ReversingLabs' 2025 Software Supply Chain Security Report, 14 of the 23 crypto-related malicious campaigns in ...

Popular npm packages debug, chalk, and others hijacked in massive supply chain attack Crims have added backdoors to at least ...

IntroductionAPT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima) is a North Korean-aligned threat actor active since at least 2012. APT37 primarily targets South Korean individuals ...

A team of data thieves has doubled down by developing its CastleRAT malware in both Python and C variants. Both versions spread by tricking users into pasting malicious commands through a technique ...

CastleRAT and CastleLoader, active since March 2025, spread malware via phishing and GitHub repos, enabling data theft.

ReversingLabs reveals hackers using Ethereum Smart contracts in NPM packages to conceal malware URLs, bypass scans, and ...

Scientists at NYU developed a ransomware prototype that uses LLMs to autonomously to plan, adapt, and execute ransomware attacks. ESET researchers, not knowing about the NYU project, apparently ...

Hackers use Ethereum smart contracts to hide malware in NPM packages, launching a stealthy crypto-themed supply chain attack.

Malware targeting Ethereum smart contracts is not entirely new. Earlier this year, the North Korean-affiliated Lazarus Group ...

Security researchers found malware packages using the Ethereum blockchain to conceal malicious commands on GitHub repos.

Scheduled for rollout starting in September 2026, the program aims to restrict malware distribution by requiring developer ...