Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that’s capable of harvesting sensitive developer-related […]
Category: Malicious
295 Malicious IPs Launch Coordinated Brute-Force Attacks on Apache Tomcat Manager
Jun 11, 2025Ravie LakshmananNetwork Security / Threat Intelligence Threat intelligence firm GreyNoise has warned of a “coordinated brute-force activity” targeting […]
Malicious Browser Extensions Infect 722 Users Across Latin America Since Early 2025
Jun 08, 2025Ravie LakshmananMalware / Browser Security Cybersecurity researchers have shed light on a new campaign targeting Brazilian users since […]
Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks
Several malicious packages have been uncovered across the npm, Python, and Ruby package repositories that drain funds from cryptocurrency wallets, […]
Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto
As many as 60 malicious npm packages have been discovered in the package registry with malicious functionality to harvest hostnames, […]
Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts
Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to […]
Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper
May 15, 2025Ravie LakshmananMalware / Threat Intelligence Cybersecurity researchers have discovered a malicious package named “os-info-checker-es6” that disguises itself as […]
Malicious PyPI Package Posing as Solana Tool Stole Source Code in 761 Downloads
May 13, 2025Ravie LakshmananSupply Chain Attack / Blockchain Cybersecurity researchers have discovered a malicious package on the Python Package Index […]
Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials
May 09, 2025Ravie LakshmananSupply Chain Attack / Malware Cybersecurity researchers have flagged three malicious npm packages that are designed to […]
Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack
May 03, 2025Ravie LakshmananSupply Chain Attack / Malware Cybersecurity researchers have discovered three malicious Go modules that include obfuscated code […]