Attackers have poisoned a code package on the npm registry in a novel way, hiding credential-stealing malware in steganographic QR codes embedded in a package purporting to offer a JavaScript utility.
A malicious Python package targeting Discord developers with remote access trojan (RAT) malware was spotted on the Python Package Index (PyPI) after more than three ...
The campaign spans npm, Packagist, Go, and Chrome, using obfuscated JavaScript loaders and VS Code tasks to deliver malware.
Over half of the malware Sonatype discovered in Q1 2025 was designed to exfiltrate sensitive information from infected systems, the company said. Software supply chain security company Sonatype ...
The CursedGrabber malware has infiltrated the open-source software code repository. Three malicious software packages have been published to npm, a code repository for JavaScript developers to share ...