#Malicious

Forensic Summary A malicious npm package named 'mouse5212-super-formatter' was discovered...

A malicious npm package called ua-parser-js2 impersonated the legitimate ua-parser-js library to steal sensitive files, environment variables, SSH keys, and credentials from developer machines via a post-install script.…

CISA urges organizations to implement these recommendations to detect and remediate a potential compromise:

The 'Mini Shai-Hulud' attack compromised 169 npm packages in 6 minutes via poisoned CI cache and valid SLSA signatures.

Revenge-RAT v0.3 (cracked) is a malicious Remote Access Trojan (RAT) circulating in underground...

Hackers spent months hiding malware behind fake Apple-themed internet infrastructure and similarly bogus Windows pop-ups to infiltrate organizations across the Asia-Pacific region without triggering obvious security alarms. Here's how they did it.

This report details a malicious Google ad campaign targeting macOS users. Attackers utilized search...

How the TanStack npm compromise fits into the broader Mini Shai-Hulud campaign across npm, PyPI, GitHub Actions, IDE hooks, and CI/CD secrets.

Yesterday, between 19:20 and 19:26 UTC, six minutes of automated publishing destroyed the trust model...

The article details a macOS malware infection traced back to a malicious Google ad. Users searching...

From Dev Community: Win11 Zero-Days, npm Supply Chain, & AI Agent Security Threats

Let me tell you about the event-stream incident. In 2018, a popular npm package with 2 million...

From Latest from Tom's Hardware: Compromised Mistral AI and TanStack packages may have exposed GitHub, cloud and CI/CD credentials in 'mini Shai Hulud' malware infection — supply-chain campaign spreads across npm and AI developer ecosystems like wildfire

Six-minute supply chain blitz pushed 84 malicious versions with credential theft and disk-wiping code

The official JDownloader website was recently compromised in a supply chain attack, resulting in the...

In April, a sophisticated cyber intrusion was identified involving the deployment of EtherRAT via a...

The official website of the popular JDownloader download manager was compromised earlier this week,...

Have you ever been browsing on Safari and suddenly a page screams "Your iPhone is infected!" or tries...

This article was originally published on ThreatChain — decentralized threat intelligence. It's...

Is your Claude Code safe? Six months after befriending Base64, I keep finding them in shady places: hidden in supply chain attacks, MCP exploits, and AI agent compromises. A 2026 misuse tour for developers.