Cybersecurity researchers have flagged a supply chain attack targeting a Microsoft Visual Studio Code (VS Code) extension called Ethcode that […]
Category: Malicious
Over 40 Malicious Firefox Extensions Target Cryptocurrency Wallets, Stealing User Assets
Jul 03, 2025Ravie LakshmananBrowser Security / Cryptocurrency Cybersecurity researchers have uncovered over 40 malicious browser extensions for Mozilla Firefox that […]
Malicious PyPI Package Masquerades as Chimera Module to Steal AWS, CI/CD, and macOS Data
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that’s capable of harvesting sensitive developer-related […]
295 Malicious IPs Launch Coordinated Brute-Force Attacks on Apache Tomcat Manager
Jun 11, 2025Ravie LakshmananNetwork Security / Threat Intelligence Threat intelligence firm GreyNoise has warned of a “coordinated brute-force activity” targeting […]
Malicious Browser Extensions Infect 722 Users Across Latin America Since Early 2025
Jun 08, 2025Ravie LakshmananMalware / Browser Security Cybersecurity researchers have shed light on a new campaign targeting Brazilian users since […]
Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks
Several malicious packages have been uncovered across the npm, Python, and Ruby package repositories that drain funds from cryptocurrency wallets, […]
Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto
As many as 60 malicious npm packages have been discovered in the package registry with malicious functionality to harvest hostnames, […]
Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts
Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to […]
Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper
May 15, 2025Ravie LakshmananMalware / Threat Intelligence Cybersecurity researchers have discovered a malicious package named “os-info-checker-es6” that disguises itself as […]
Malicious PyPI Package Posing as Solana Tool Stole Source Code in 761 Downloads
May 13, 2025Ravie LakshmananSupply Chain Attack / Blockchain Cybersecurity researchers have discovered a malicious package on the Python Package Index […]