New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.
Forbes

Top Remote Work Statistics And Trends

Katherine Haan, MBA, is a Senior Staff Writer for Forbes Advisor and a former financial advisor turned international bestselling author and business coach. For more than a decade, she’s helped small ...
Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

In mid-January 2026, Microsoft Defender Experts identified a credential theft campaign that uses fake virtual private network (VPN) clients distributed through search engine optimization (SEO) ...