open source

NodeJS malware caught exfiltrating IPs, username, and device information on GitHub 2 min read

Malware
News
Security

NodeJS malware caught exfiltrating IPs, username, and device information on GitHub

Ax Sharma October 2, 2020

Multiple NodeJS packages laden with malicious code have been spotted on npm registry. These “typosquatting” packages served no purpose other than collecting data from the... Read More

20,000 GitHub projects at risk from Node.js ‘standard-version’ library vulnerability 2 min read

News
Security

20,000 GitHub projects at risk from Node.js ‘standard-version’ library vulnerability

Ax Sharma July 23, 2020

More than 20,000 GitHub projects rely on the Node.js standard-version utility to implement semantic versioning (semver) and for generating CHANGELOG files for their builds. A... Read More

open source

NodeJS malware caught exfiltrating IPs, username, and device information on GitHub

20,000 GitHub projects at risk from Node.js ‘standard-version’ library vulnerability

You may have missed

Sea Turtle Cyber Espionage Campaign Targets Telecommunication and IT Companies in the Netherlands

Rogue WordPress plugin: Threat hunters uncover credit card skimming campaign targeting e-commerce sites

Albanian Parliament and telco ‘One Albania’ suffer cyber attacks

Carbanak Banking Malware Resurfaces with Updated Tactics in Ransomware Attacks

Share this:

NodeJS malware caught exfiltrating IPs, username, and device information on GitHub

Share this:

20,000 GitHub projects at risk from Node.js ‘standard-version’ library vulnerability

You may have missed

Share this:

Sea Turtle Cyber Espionage Campaign Targets Telecommunication and IT Companies in the Netherlands

Share this:

Rogue WordPress plugin: Threat hunters uncover credit card skimming campaign targeting e-commerce sites

Share this:

Albanian Parliament and telco ‘One Albania’ suffer cyber attacks

Share this:

Carbanak Banking Malware Resurfaces with Updated Tactics in Ransomware Attacks