MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
packages
Recherche

Crims poison 150K+ npm packages with token-farming malware

vendredi 14 novembre 2025, 19:22 , par TheRegister
Amazon spilled the TEA
Yet another supply chain attack has hit the npm registry in what Amazon describes as 'one of the largest package flooding incidents in open source registry history' - but with a twist. Instead of injecting credential-stealing code or ransomware into the packages, this one is a token farming campaign.…
Lire la suite sur TheRegister
https://go.theregister.com/feed/www.theregister.com/2025/11/14/selfreplicating_supplychain_attack_po...

Voir aussi

packages Rhadamanthys malware admin rattled as cops seize a thousand-plus servers TheRegister13 Nov
npm Cyberattaque russe sur Windows : le malware Danabot revient d’entre les morts avec de nouvelles tactiques 01net13 Nov
crims Attackers turned Citrix, Cisco 0-day exploits into custom-malware hellscape TheRegister12 Nov
registry Bank of America Faces Lawsuit Over Alleged Unpaid Time for Windows Bootup, Logins, and Security Token Requests Slashdot 8 Nov
amazon Cybercrims plant destructive time bomb malware in industrial .NET extensions TheRegister 7 Nov
malware Google repère les malware qui se transforment en cours d'attaque, grâce à l'IA ZDNet.fr 7 Nov
poison Malicious npm packages contain Vidar infostealer InfoWorld 7 Nov
token-farming Gootloader malware back for the attack, serves up ransomware TheRegister 6 Nov
packages Malware-pwned laptop gifts cybercriminals Nikkei's Slack TheRegister 6 Nov
npm Attackers abuse Gemini AI to develop ‘Thinking Robot’ malware and data processing agent for spying purposes TheRegister 5 Nov
crims Russian spies pack custom malware into hidden VMs on Windows machines TheRegister 4 Nov
registry Invasion of the message body snatchers! Teams flaw allowed crims to impersonate the boss TheRegister 4 Nov
amazon OpenAI API moonlights as malware HQ in Microsoft’s latest discovery TheRegister 4 Nov
malware Attackers targeting unpatched Cisco kit notice malware implant removal, install it again TheRegister 3 Nov
poison Ce nouveau malware écrit et clique comme un humain pour passer inaperçu 01net 1 Nov
token-farming Claude code will send your data to crims ... if they ask it nicely TheRegister30 Oct
packages Invisible npm malware pulls a disappearing act – then nicks your tokens TheRegister30 Oct
npm Herodotus : le malware Android qui imite l'humain pour mieux vous voler ! Génération-NT29 Oct
crims Android malware types like your gran to steal banking creds TheRegister28 Oct
registry L'application Bing Wallpaper de Microsoft se comporte comme un malware Génération-NT28 Oct
News copyright owned by their original publishers | Copyright © 2004 - 2025 Zicos / 440Network
Date Actuelle
ven. 14 nov. - 22:52 CET