A new campaign involving 19 malicious Visual Studio Code extensions used a legitimate npm package to embed malware in ...
Threat actors are still abusing Visual Studio Code extensions as an entry point, with the latest fake Prettier incident ...
Researchers found malicious VS Code extensions and Go, npm, and Rust packages stealing developer data via hidden payloads and exfiltration.
North Korean hackers intensify their efforts against blockchain and Web3 developers, using nearly 200 malicious npm packages ...
A stealthy campaign with 19 extensions on the VSCode Marketplace has been active since February, targeting developers with ...
At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...
Microsoft previews a GitHub Copilot-powered VS Code Insiders tool that modernizes JavaScript/TypeScript apps by upgrading npm ...
Two code packages named "nodejs-encrypt-agent" in the popular npm JavaScript library and registry recently were discovered containing the open source information-stealing TurkoRat malware. Researchers ...
The lurking code-bombs lift Discord tokens from users of any applications that pulled the packages into their code bases. A series of malicious packages in the Node.js package manager (npm) code ...
GitHub security team has identified several high-severity vulnerabilities in npm packages, "tar" and "@npmcli/arborist," used by npm CLI. The tar package receives 20 million weekly downloads on ...
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback