All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

c0a15726-c5b1-4b0d-85e6-fe15553df9e2

33 articles on OpenSourceMalware Blog

Appears on

Articles33

Cybersecurity Startup Publishes Infostealers to NPM

Typosquatted AI-tool packages quietly collected git, SSH, and cloud identity data through install scripts, tracing back to one unexpected publisher

0
OpenSourceMalware Blog6h ago

IndonesianFoods Worm Publishes 86,000+ Malicious NPM Packages

NPM was flooded with junk packages that waste infrastructure resources, pollute search results, and creates supply chain risks if devs accidentall consume them.

0
OpenSourceMalware Blog7mo ago

DPRK Contagious Interview Malware Weaponizes Microsoft VSCode Tasks

Lazarus Group evolves their developer-focused campaign to hide malware in VS Code tasks.json files

0
OpenSourceMalware Blog7mo ago

Elf-Stats NPM Christmas Spam Campaign

This campaign includes 36 individual packages spread across 23 different NPM users.

0
OpenSourceMalware Blog7mo ago

DPRK Malware Hiding in Microsoft VSCode Dictionary Files

North Korean threat actors are hiding multi-stage malware droppers in VSCode configuration files, disguised as spell-check dictionaries.

0
OpenSourceMalware Blog6mo ago

A Comprehensive Analysis of DPRK's Contagious Interview

A single NPM package that led us to the Lazarus Groups latest campaign targeting software engineers using fake recruiters on LinkedIn, Fiverr and UpWork.

0
OpenSourceMalware Blog5mo ago

Small Open-Source Maintainers Targeted by VS Code Tasks Malware

At least 21 small OSS maintainers hit in 72 hours via malicious VS Code task configurations

0
OpenSourceMalware Blog5mo ago

DPRK Contagious Interview “Fake Font” Abuses VS Code Tasks

“Lazarus Group's Fake Font campaign abuses VS Code task automation to silently execute BeaverTail malware, delivering the InvisibleFerret backdoor”

0
OpenSourceMalware Blog5mo ago

Malicious ClawHub Skills Target OpenClaw Users

Malicious ClawdBot skills target ByBit, Polymarket, Axiom, Reddit and LinkedIn, installing malware on unsuspecting OpenClaw user machines.

0
OpenSourceMalware Blog5mo ago

Malicious ClawHub Skills Use External Websites to Hide in Plain Sight

Threat actors evolved ClawHub malware by moving payloads to convincing fake websites, allowing them to completely circumvent VirusTotal scans.

0
OpenSourceMalware Blog5mo ago

XPACK Malware Disguises Cryptocurrency Extortion as NPM Package Monetization

A malware campaign weaponizes npm to extort crypto payments from developers during package installation

0
OpenSourceMalware Blog5mo ago

Neutralinojs Compromised In DPRK Attack

DPRK threat actors compromised Neutralinojs as part of a larger attack that utilizes stolen GitHub credentials to force-push backdated malicious commits

0
OpenSourceMalware Blog4mo ago

GlassWorm Invades GitHub, NPM, VS Code, and Python

The latest Glassworm attack compromised 430+ GitHub projects by leveraging four different ecosystems

0
OpenSourceMalware Blog3mo ago

TeamPCP Defaces Aqua Security’s Internal GitHub Org

TeamPCP compromised the aquasec-com GitHub organization, renaming all 44 repositories and exposing internal source code, CI/CD configs, and knowledge bases.

0
OpenSourceMalware Blog3mo ago

TeamPCP Hijacks LiteLLM's PyPI Package

TeamPCP compromised the LiteLLM maintainer's PyPI account and published malicious versions that steal credentials from every Python process on the host.

0
OpenSourceMalware Blog3mo ago

Malicious Transitive Dependency in Axios Affects Millions of Users

The Axios NPM package has been compromised and the maintainer of the project has been locked out of their account. This will go down in history as one of the

0
OpenSourceMalware Blog3mo ago

TasksJacker DPRK Attack Compromises GitHub Users Via VS Code Tasks

A technical deep-dive into the next generation of DPRK attacks that borrows from Shai-hulud and Contagious Interview to compromise dozens of GitHub users

0
OpenSourceMalware Blog3mo ago

Has TeamPCP Pivoted To Using The PureHVNC RAT?

New threat campaign using PureHVNC has been tied to TeamPCP.

0
OpenSourceMalware Blog3mo ago

Hundreds of GitHub Repos Compromised By DPRK's PolinRider Campaign

Lazarus Group compromises GitHub repositories by implanting a malicious, obfuscated JavaScript payload.

0
OpenSourceMalware Blog3mo ago

Velora (formerly ParaSwap) SDK Version 9.4.1 Compromised And Installing Malware

The npm package @velora-dex/sdk version 9.4.1 contains malicious code that automatically downloads and executes a shell script from a remote server when the

0
OpenSourceMalware Blog3mo ago