SecurityWeek

136 NPM Packages Delivering Infostealers Downloaded 100,000 Times

For the past four months, over 130 malicious NPM packages deploying information stealers have been collectively downloaded ...
Developer Tech

Malware campaign on npm steals AWS, GCP, and Azure cloud keys

An advanced malware campaign on the npm registry steals the very keys that control enterprise cloud infrastructure.
The Hacker News

âš¡ Weekly Recap: WSUS Exploited, LockBit 5.0 Returns, Telegram Backdoor, F5 Breach Widens

Active WSUS exploits, LockBit 5.0’s comeback, a Telegram backdoor, and F5’s hidden breach — this week’s biggest cyber threats ...