This is a high-performance fork of caxa. Version 3.0 introduces portable Node bundling and zstd-compressed native payloads on top of the build/runtime improvements from the 2.x line. When executed, ...
Loki is a stage-1 command and control (C2) framework written in Node.js, built to script-jack vulnerable Electron apps MITRE ATT&CK T1218.015. Developed for red team operations, Loki enables evasion ...
Cybersecurity researchers have discovered a malicious NuGet package that masquerades as a C# software development kit for Sicoob, one of Brazil's largest cooperative financial systems, to siphon ...
Cybersecurity researchers have discovered malicious code in an npm package after a malicious package as a dependency to the project by Anthropic's Claude Opus large language model (LLM). The package ...
The Shai‑Hulud 2.0 supply chain attack represents one of the most significant cloud-native ecosystem compromises observed recently. Attackers maliciously modified hundreds of publicly available ...
A malicious package in the npm open source code repository is hitching a social engineering ride on the "Tailwind" legitimate software library tool, which millions of application developers use around ...
Researchers have found another 17 malicious packages in an open source repository, as the use of such repositories to spread malware continues to flourish. This time, the malicious code was found in ...
You don't need to reinvent the wheel every time a project calls for a pie chart. Here are nine different providers of not just individual controls, but huge collections that cover everything from ...