News

Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week

An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...
ZATAZ

Maranhão Stealer: a new campaign targets credentials and cryptocurrencies

Once executed, Maranhão Stealer lodges itself in a directory named “Microsoft Updater” under %localappdata%\Programs. The main element, updater.exe, is programmed to auto-launch via Run registry keys ...
Make Tech Easier

The Ultimate Guide to Linux Default Package Managers

Confused by APT, DNF, PACMAN, or Zypper? This guide explains the default package managers of various Linux distributions.
Securities.io

NPM Supply-Chain Attack: What Happened and How to Fix It

Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...

Over 300 npm packages compromised by self-replicating worm0 0

A new piece of malware is spreading through the popular tinycolor NPM library and more than 300 other packages, some of which ...