All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

forge-jsx npm Package: Purpose-Built Multi-Platform RAT

forge-jsx poses as an Autodesk Forge SDK on npm. On install it deploys a system-wide keylogger, recursive .env file scanner, shell history exfiltrator, and a WebSocket-based remote filesystem…

Read the full article
2mo ago

You might also wanna read

Typosquatted npm Package Delivers Windows RAT with Encrypted C2 and Registry Persistence

A newly discovered malware campaign is targeting Windows systems through a deceptive package on the npm registry. Disguised as a legitimate

cybersecuritynews.com·16d ago

IronWorm Supply-Chain Attack Targets Developers via Malicious npm Packages

A new self-replicating supply-chain attack dubbed "IronWorm" has been discovered in the wild. Built in Rust and hiding behind an eBPF rootki

cyberpress.org·1mo ago

Axios npm Package Compromised: Supply Chain Attack Delivers Cross-Platform RAT

Meta description: Malicious versions of the Axios npm package (1.14.1 and 0.30.4) were published via a compromised maintainer account, injec

Snyk·3mo ago

Security Alert: Malicious Nx Packages Published to npm Containing Credential-Stealing Code

## Summary Malicious versions of the [`nx` package]( as well as some supporting plugin packages, were published to npm, containing code that

github.com·10mo ago

MAL-2026-10081: Malicious code in webrix-docs1 (npm)

--- _-= Per source details. Do not edit below this line.=-_ ## Source: amazon-inspector (20cdefe1415c5b5245f36b10ea0de9033433b479768c2cc785a

radar.offseq.com·23h ago

AI-Generated npm Package Leaks Its Own GitHub Token, Exposing Malware Operator

Sloppy AI-generated npm infostealer leaked its own GitHub token, exposing the operator

Infosecurity Magazine - Information Security & IT Security News and Resources·1mo ago

AI-Generated npm Package Leaks Its Own GitHub Token, Exposing Malware Operator

Sloppy AI-generated npm infostealer leaked its own GitHub token, exposing the operator

infosecurity-magazine.com·1mo ago

Comments

Sign in to join the conversation.

No comments yet. Be the first.