For the past four months, over 130 malicious NPM packages deploying information stealers have been collectively downloaded ...
An active campaign named 'PhantomRaven' is targeting developers with dozens of malicious npm packages that steal ...
Attackers are exploiting a major weakness that has allowed them access to the NPM code repository with more than 100 credential-stealing packages since August, mostly without detection.
The ongoing ‘PhantomRaven’ malicious campaign has infected 126 npm packages to date, representing 86,000 downloads ...
Ten malicious packages mimicking legitimate software projects in the npm registry download an information-stealing component ...
Ten typosquatted npm packages (Jul 4, 2025) delivered a 24MB PyInstaller info stealer using 4 obfuscation layers; ~9,900 ...
WINGET is a command-line tool that helps you install, uninstall, and obtain more information about an app using Windows PowerShell. This open-source tool is intended for developers to run packages ...
Almost a dozen malicious npm packages, delivering dangerous infostealing malware, were downloaded roughly 10,000 times before ...
Victims of the GhostCall campaign span several infected macOS hosts located in Japan, Italy, France, Singapore, Turkey, Spain ...
There isn’t a consistent threat model for extension marketplaces yet, McCarthy said, making it difficult for any platform to anticipate these risks. However, he added, Microsoft’s marketplace has seen ...
XDA Developers on MSN
Gitea is more than just a self-hosted GitHub alternative
Gitea puts you in charge of your system, allowing you to build trust in your setup and customize it to meet your exact needs.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback