Researchers at Zscaler ThreatLabz have found three malicious Bitcoin npm packages that are meant to implant malware named ...
A jsPDF vulnerability tracked as CVE-2025-68428 could allow attackers to read arbitrary files, exposing configurations and ...
Security researchers found 3 npm packages that installed NodeCordRAT malware, stealing browser data, crypto wallet secrets & ...
The jsPDF library for generating PDF documents in JavaScript applications is vulnerable to a critical vulnerability that ...
A critical CVSS 9.2 flaw in AdonisJS bodyparser lets attackers write arbitrary files via path traversal when uploads are ...
Node.js idiomatic client for Cloud Storage. Cloud Storage allows world-wide storage and retrieval of any amount of data at any time. You can use Google Cloud Storage for a range of scenarios including ...
Trust Wallet believes the compromise of its web browser to steal roughly $8.5 million from over 2,500 crypto wallets is ...
As a worm spread through hundreds of npm packages in 2025, it didn't exploit a vulnerability – it exploited the architecture.
Hackers behind the Shai Hulud malicious npm JavaScript campaign are likely testing a new variant of the malware. Security ...
$ nrm ls * npm ----- https://registry.npmjs.org/ yarn ----- https://registry.yarnpkg.com/ tencent ----- https://mirrors.tencent.com/npm/ cnpm ----- https://r.cnpmjs ...
Shai Hulud is a malware campaign first observed in September targeting the JavaScript ecosystem that focuses on supply chain compromise rather than traditional endpoint infection, using trojanized ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback