packages - Techurz

Cyber Reality

PhantomRaven Malware Found in 126 npm Packages Stealing GitHub Tokens From Devs

TechurzNovember 2, 2025

Oct 30, 2025Ravie LakshmananDevSecOps / Software Security Cybersecurity researchers have uncovered yet another active software supply chain attack campaign targeting…

Cyber Reality

Typo hackers sneak cross-platform credential stealer into 10 npm packages

TechurzOctober 31, 2025

Payload for IP fingerprinting and credential theft Once the fake CAPTCHA interaction occurs, the installer sends the victim’s IP address…

Cyber Reality

Malicious packages in npm evade dependency detection through invisible URL links: Report

TechurzOctober 31, 2025

At some point, npm leadership either discovered this campaign on its own or was alerted by other researchers, because in…

Cyber Reality

10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux

TechurzOctober 30, 2025

Oct 29, 2025Ravie LakshmananMalware / Threat Intelligence Cybersecurity researchers have discovered a set of 10 malicious npm packages that are…

Cyber Reality

npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels

TechurzOctober 14, 2025

Oct 14, 2025Ravie LakshmananMalware / Typosquatting Cybersecurity researchers have identified several malicious packages across npm, Python, and Ruby ecosystems that…

Cyber Reality

175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign

TechurzOctober 11, 2025

Oct 10, 2025Ravie LakshmananCybercrime / Malware Cybersecurity researchers have flagged a new set of 175 malicious packages on the npm…

Cyber Reality

A Dangerous Worm Is Eating Its Way Through Software Packages

TechurzSeptember 20, 2025

New findings this week showed that a misconfigured platform used by the Department of Homeland Security left sensitive national security…

Cyber Reality

SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers

TechurzSeptember 18, 2025

Sep 18, 2025Ravie LakshmananMalware / Supply Chain Attack Cybersecurity researchers have discovered two new malicious packages in the Python Package…

Cyber Reality

40 npm Packages Compromised in Supply Chain Attack Using bundle.js to Steal Credentials

TechurzSeptember 16, 2025

Sep 16, 2025Ravie LakshmananMalware / Cyber Attack Cybersecurity researchers have flagged a fresh software supply chain attack targeting the npm…

Cyber Reality

Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys

TechurzSeptember 6, 2025

Sep 06, 2025Ravie LakshmananSoftware Security / Cryptocurrency A new set of four malicious packages have been discovered in the npm…

What's Hot

Clio’s $500M milestone arrives just as Anthropic ups the ante

Anduril raises $5B, doubles valuation to $61B

Kevin Hartz’s A* just closed its third fund with $450M

Browsing: packages

PhantomRaven Malware Found in 126 npm Packages Stealing GitHub Tokens From Devs

Typo hackers sneak cross-platform credential stealer into 10 npm packages

Malicious packages in npm evade dependency detection through invisible URL links: Report

10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux

npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels

175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign

A Dangerous Worm Is Eating Its Way Through Software Packages

SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers

40 npm Packages Compromised in Supply Chain Attack Using bundle.js to Steal Credentials

Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys

College social app Fizz expands into grocery delivery

A Former Apple Luminary Sets Out to Create the Ultimate GPU Software

The Reason Murderbot’s Tone Feels Off

Most Popular

College social app Fizz expands into grocery delivery

A Former Apple Luminary Sets Out to Create the Ultimate GPU Software

The Reason Murderbot’s Tone Feels Off

Our Picks

Clio’s $500M milestone arrives just as Anthropic ups the ante

Anduril raises $5B, doubles valuation to $61B

Kevin Hartz’s A* just closed its third fund with $450M

Subscribe to Updates

What's Hot

Browsing: packages

Subscribe to Updates