资讯

Decrypt15 小时

Researchers Uncover Undetectable Malware Draining Crypto Browser Wallets

Security firm Mosyle has disclosed ModStealer, a cross-platform malware that evades antivirus software and targets browser ...

Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week

An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...
Securities.io1 天

NPM Supply-Chain Attack: What Happened and How to Fix It

Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...

This 2FA phishing scam pwned a developer - and endangered billions of npm downloads

A new digital supply chain attack has targeted popular open-source npm packages with at least two billion downloads per week. On Sept. 8, Josh Junon, a package maintainer whose account was at the ...
Security Boulevard1 天

How npm Security Collapsed Thanks To a 2FA Exploit

Billions (No, that's not a typo, Billions with a capital B) of files were potentially compromised. If you thought Node Package Manager (npm), the Billions of downloads were potentially compromised ...
Cyber Security Intelligence3 天

North Korean Hackers Evade Detection

N Korea's expert hackers use social engineering tactics to target job seekers in the cryptocurrency & blockchain sectors.