node-env-resolve: npm Package Installs a Full RAT
node-env-resolve is a malicious npm package that installs a full-featured remote access trojan on developer machines. The RAT streams screens, captures audio, steals browser history, and gives full…
Read the full articleYou might also wanna read
Typosquatted npm Package Delivers Windows RAT with Encrypted C2 and Registry Persistence
A newly discovered malware campaign is targeting Windows systems through a deceptive package on the npm registry. Disguised as a legitimate
cybersecuritynews.com·17d agoaxios npm Package Compromised: Versions 1.14.1 and 0.30.4 Contain RAT Malware
TL;DR On March 30–31, 2026, axios versions 1.14.1 and 0.30.4 were compromised on npm with...
cstu.io·27d ago
Axios npm Package Compromised: Supply Chain Attack Delivers Cross-Platform RAT
Meta description: Malicious versions of the Axios npm package (1.14.1 and 0.30.4) were published via a compromised maintainer account, injec
MAL-2026-10117: Malicious code in nodemon-slint (npm)
The nodemon-slint package on npm contains malicious code that fully compromises any computer on which it is installed or running. The compro
MAL-2026-10118: Malicious code in execfences (npm)
The npm package 'execfences' contains malicious code that compromises any computer on which it is installed or running. This compromise pote
Compromised axios npm package delivers cross-platform RAT
An attacker hijacked an axios maintainer's npm account to publish malicious releases that deliver a cross-platform RAT.

Comments
Sign in to join the conversation.
No comments yet. Be the first.