Attackers are exploiting a major weakness that has allowed them access to the NPM code repository with more than 100 credential-stealing packages since August, mostly without detection.
Researchers outline how the PhantomRaven campaign exploits hole in npm to enable software supply chain attacks.
GlassWorm spread via 14 VS Code extensions; Solana + Google Calendar C2; stole credentials, drained 49 wallets.
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback