Cyber Security

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens
Cybersecurity researchers have disclosed what they say is an active "Shai-Hulud-like" supply chain worm campaign that has leveraged a cluster of at least 19 malicious npm packages to enable credential harvesting and cryptocurrency key theft. The campaign has been codenamed SANDWORM_MODE by supply chain security company Socket. As with prior Shai-Hulud attack waves, the malicious code embedded
Read More

Related Posts

Enterprises are racing to secure agentic AI deployments

Enterprises are racing to secure agentic AI deployments

Perplexity AI lands on Samsung’s next Galaxy lineup

Perplexity AI lands on Samsung’s next Galaxy lineup

Iran's MuddyWater Targets Orgs With Fresh Malware as Tensions Mount

Iran's MuddyWater Targets Orgs With Fresh Malware as Te...

Japanese chip-testing toolmaker Advantest suffers ransomware attack

Japanese chip-testing toolmaker Advantest suffers ranso...

Lenovo adds new AI-driven edge systems to ThinkEdge portfolio

Lenovo adds new AI-driven edge systems to ThinkEdge por...

How Exposed Endpoints Increase Risk Across LLM Infrastructure

How Exposed Endpoints Increase Risk Across LLM Infrastr...