Bleeping Computer

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the ‘PhantomRaven’ supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers. The campaign ...
Cryptopolitan on MSN

Hacker targets ETH and SOL devs via typosquat npm packages

Ethereum and Solana developers were targeted by five malicious npm packages that steal private keys and send them to the ...
The Hacker News

ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...
The Hacker News

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain ...
Compare the Cloud

Malicious npm Packages Expose Growing Supply Chain Risk

Sonatype Security Research has identified two malicious npm packages — sbx-mask and touch-adv — that appear to result from a ...
TechRepublic

TIOBE Index for March 2026: Top 10 Most Popular Programming Languages

TIOBE Index for March 2026: Top 10 Most Popular Programming Languages Your email has been sent Python keeps the top spot as its rating dips again, C climbs further in second, and the bottom stays ...