Malicious NPM packages fetch infostealer for Windows, Linux, macOS

Ten malicious packages mimicking legitimate software projects in the npm registry download an information-stealing component ...

PhantomRaven attack floods npm with credential-stealing packages

An active campaign named 'PhantomRaven' is targeting developers with dozens of malicious npm packages that steal authentication tokens, CI/CD secrets, and GitHub credentials.
The Hacker News

10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux

Ten typosquatted npm packages (Jul 4, 2025) delivered a 24MB PyInstaller info stealer using 4 obfuscation layers; ~9,900 ...
PCGamesN

PLS Donate codes October 2025

October 25, 2025: You can still grab a free Laser Beam booth with the latest PLS Donate code. What are the new PLS Donate codes? This donation simulator from Hazem is a big hit on Roblox , chiefly ...