A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

The malware blends data theft with remote code execution, “turning a financially motivated stealer into a lightweight backdoor,” Microsoft said. Microsoft Threat Intelligence is warning Windows users ...

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...

Based“Crypto Clipper” Malware Spread. Microsoft Threat Intelligence has issued a warning to Windows users about a ...

IntroductionOn May 14, 2026, the Zscaler ThreatLabz team identified unusually high activity associated with the threat actor SmartApeSG to deploy malware. During our examination, we discovered ...

The Windows-based CryptoBandits cryptocurrency clipper blends data exfiltration and remote code execution in a backdoor.

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

Mastra npm packages added easy-day-js malware, exposing developer systems and CI runners to infostealer risks.

What happened Microsoft warned about CryptoBandits, a Windows-based cryptocurrency clipper that also functions as a lightweight backdoor with data exfiltration and remote code execution capabilities.

The popular Mastra AI framework, used to build artificial intelligence agents, workflows and retrieval-augmented generation ...

Red Hat hit by npm supply‑chain attack - here's how to stay safe ...

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...