NPM 7
- Someone's poking the bear with infostealers targeting Russian crypto developers
- AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown
- Surveillance Malware Hidden in npm and PyPI Packages Targets Developers with Keyloggers, Webcam Capture, and Credential Theft
- Tracking Protestware Spread 28 npm Packages Affected by Payload Targeting Russian-Language Users
- Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader
- Another Wave North Korean Contagious Interview Campaign Drops 35 New Malicious npm Packages
- Backdoors in Python and NPM Packages Target Windows and Linux