Aug 24, 2025Ravie LakshmananMalware / Supply Chain Security Cybersecurity researchers have discovered a malicious Go module that presents itself as […]
Category: Malicious
Malicious PyPI and npm Packages Discovered Exploiting Dependencies in Supply Chain Attacks
Cybersecurity researchers have discovered a malicious package in the Python Package Index (PyPI) repository that introduces malicious behavior through a […]
Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes
Aug 07, 2025Ravie LakshmananMalware / Threat Intelligence Cybersecurity researchers have discovered a set of 11 malicious Go packages that are […]
Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension
Cybersecurity researchers have flagged a supply chain attack targeting a Microsoft Visual Studio Code (VS Code) extension called Ethcode that […]
Over 40 Malicious Firefox Extensions Target Cryptocurrency Wallets, Stealing User Assets
Jul 03, 2025Ravie LakshmananBrowser Security / Cryptocurrency Cybersecurity researchers have uncovered over 40 malicious browser extensions for Mozilla Firefox that […]
Malicious PyPI Package Masquerades as Chimera Module to Steal AWS, CI/CD, and macOS Data
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that’s capable of harvesting sensitive developer-related […]
295 Malicious IPs Launch Coordinated Brute-Force Attacks on Apache Tomcat Manager
Jun 11, 2025Ravie LakshmananNetwork Security / Threat Intelligence Threat intelligence firm GreyNoise has warned of a “coordinated brute-force activity” targeting […]
Malicious Browser Extensions Infect 722 Users Across Latin America Since Early 2025
Jun 08, 2025Ravie LakshmananMalware / Browser Security Cybersecurity researchers have shed light on a new campaign targeting Brazilian users since […]
Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks
Several malicious packages have been uncovered across the npm, Python, and Ruby package repositories that drain funds from cryptocurrency wallets, […]
Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto
As many as 60 malicious npm packages have been discovered in the package registry with malicious functionality to harvest hostnames, […]