MYRA: A Full Linux RAT Distributed via npm
The npm package apintergrationpost is a red team RAT called MYRA with native C rootkit, triple persistence, fileless execution, live screen streaming, and process masquerade. This analysis documents…
Read the full articleYou might also wanna read
Typosquatted npm Package Delivers Windows RAT with Encrypted C2 and Registry Persistence
A newly discovered malware campaign is targeting Windows systems through a deceptive package on the npm registry. Disguised as a legitimate
cybersecuritynews.com·16d agoPackage Management MCP Servers — NuGet, npm, PyPI, Maven, and the Quest for AI-Assisted Dependency Intelligence
Package management MCP servers: NuGet official v1.4.1 (2.5M downloads, transitive vuln remediation), Socket MCP (101 stars, supply chain sec
MAL-2026-10038: Malicious code in antsrcsrctest (npm)
The npm package 'antsrcsrctest' version 1.0.0 contains malicious code that executes during installation. Its preinstall script exfiltrates s
Lookalike npm Package Hides a Multi-Stage Windows RAT
JFrog found an npm package impersonating postcss-selector-parser to drop a multi-stage Windows RAT

Axios npm Package Compromised: Supply Chain Attack Delivers Cross-Platform RAT
Meta description: Malicious versions of the Axios npm package (1.14.1 and 0.30.4) were published via a compromised maintainer account, injec
MAL-2026-10048: Malicious code in chai-as-thread (npm)
The npm package 'chai-as-thread' version 7.0.8 is a malicious typosquatting package that executes remote code. Upon requiring the package, i

Comments
Sign in to join the conversation.
No comments yet. Be the first.