A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
Ghostwriter used Prometheus lures since spring 2026 to target Ukraine agencies, enabling malware delivery and data theft.
A desktop app that lets users stream any movie, TV series, or anime for free and without ads hit the top of GitHub’s global ...
Hulud payload to steal CI/CD secrets from Linux-based automation environments. The malware executes during npm install and ...
Tycoon2FA has returned with new device-code phishing attacks targeting Microsoft 365 users through legitimate OAuth login ...
A widely active phishing-as-a-service (PhaaS) operation known as FlowerStorm has begun using a browser-based virtual machine to conceal credential theft code, marking what researchers say is an ...
Requires Node v24.13.1 or higher ES5 support only. No complex features: async, generator, and even try..finally aren't supported. Experimental. Expect issues. Try the ...
Abstract: Obfuscation is the technique of making code difficult to read or comprehend. Nowadays, attackers often hide their malicious code using obfuscation and use it as a tool to exploit users. In ...
Abstract: Obfuscation refers to changing the structure of code in a way that original semantics can be hidden. These techniques are often used by application developers for code hardening but it has ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results