Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to […]
Category: Malicious
Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper
May 15, 2025Ravie LakshmananMalware / Threat Intelligence Cybersecurity researchers have discovered a malicious package named “os-info-checker-es6” that disguises itself as […]
Malicious PyPI Package Posing as Solana Tool Stole Source Code in 761 Downloads
May 13, 2025Ravie LakshmananSupply Chain Attack / Blockchain Cybersecurity researchers have discovered a malicious package on the Python Package Index […]
Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials
May 09, 2025Ravie LakshmananSupply Chain Attack / Malware Cybersecurity researchers have flagged three malicious npm packages that are designed to […]
Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack
May 03, 2025Ravie LakshmananSupply Chain Attack / Malware Cybersecurity researchers have discovered three malicious Go modules that include obfuscated code […]
Malicious PyPI Package Targets MEXC Trading API to Steal Credentials and Redirect Orders
Apr 15, 2025Ravie LakshmananSupply Chain Attack / Malware Cybersecurity researchers have disclosed a malicious package uploaded to the Python Package […]
Malicious npm Package Targets Atomic Wallet, Exodus Users by Swapping Crypto Addresses
Apr 10, 2025Ravie LakshmananMalware / Cryptocurrency Threat actors are continuing to upload malicious packages to the npm registry so as […]
Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data
Apr 05, 2025Ravie LakshmananMalware / Supply Chain Attack Cybersecurity researchers have uncovered malicious libraries in the Python Package Index (PyPI) […]
Malicious npm Package Modifies Local ‘ethers’ Library to Launch Reverse Shell Attacks
Mar 26, 2025Ravie LakshmananSupply Chain Attack / Malware Cybersecurity researchers have discovered two malicious packages on the npm registry that […]
Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal
Mar 15, 2025Ravie Lakshmanan Malware / Supply Chain Security Cybersecurity researchers have warned of a malicious campaign targeting users of […]