ADTmag

The Worm That Ate JavaScript: Inside the Shai-Hulud Supply Chain Attack

The JavaScript development community faced one of its most sophisticated supply chain attacks in September, when a ...
来自MSN

A terrifying, self-replicating malwaere has infected npm packages with over 2 million ...

A new supply-chain attack compromised at least 187 npm packages, targeting developer secrets across software projects Shai-Hulud worm looks to steal credentials, modify packages, and spread malware ...

Warning about data-stealer spreading through software used by millions of programmers

Security researchers worldwide are warning about a supply-chain attack on the Node Package Manager (NPM), where a ...
Bleeping Computer

Details emerge on WinRAR zero-day attacks that infected PCs with malware

Researchers have released a report detailing how a recent WinRAR path traversal vulnerability tracked as CVE-2025-8088 was exploited in zero-day attacks by the Russian 'RomCom' hacking group to drop ...
Bleeping Computer

APT36 hackers abuse Linux .desktop files to install malware in new attacks

The Pakistani APT36 cyberspies are using Linux .desktop files to load malware in new attacks against government and defense entities in India. Although the attacks described in the two reports use ...