Skip to main content

Tag: credential stealing malware

10 articles

Compromised software development environment with laptop and papers, hinting at a supply-chain intrusion.

Malicious AsyncAPI Packages Target npm Users with Credential-Stealing Malware

On July 14, a supply-chain intrusion briefly introduced trojanized AsyncAPI packages into the npm ecosystem, putting users at risk of credential-stealing malware. Five malicious releases in the @asyncapi namespace were downloaded hundreds of thousands of times during a four-hour window.

Analyst 207
Developer workstation with laptop and monitor displaying code, surrounded by notes and empty coffee cups, in a modern…

TrapDoor Attack Spreads Credential-Stealing Malware Across Software Ecosystems

A massive supply chain attack, dubbed TrapDoor, has been spreading credential-stealing malware across three major language ecosystems, infecting over 34 malicious packages and 384 versions. The coordinated campaign began on May 22, 2026, and continues to target developers with cleverly named packages related to cryptocurrency, DeFi, Solana, and AI.

Analyst 207
Laptop screen showing GitHub repository page with cityscape background and subtle CI/CD hints.

GitHub Repos Targeted in 5,500+ Malicious Commits

A shocking new campaign, dubbed Megalodon, has injected malware into over 5,500 GitHub repositories, putting sensitive credentials and tokens at risk of being stolen. This alarming attack highlights the growing threat of supply chain attacks, with experts warning that this could be just the beginning.

Analyst 207
Software development workspace with laptop, tools, and notes, set against a blurred cityscape with natural light.

Malware Infects Hundreds of Open-Source Packages in Supply-Chain Attack

A massive supply-chain attack, dubbed "mini Shai-Hulud," has infected hundreds of open-source packages with credential-stealing malware, putting millions of developers and users at risk. The malicious code has been embedded in widely-used libraries and projects, including TanStack's React Router, which alone has over 12 million weekly downloads.

Analyst 207
Developer workstation with laptop, coding environment, notes, and coffee cups, with daylight and cityscape in background.

Malware Targets TanStack npm Packages in Supply Chain Attack

Malware attackers have infiltrated the TanStack npm packages, modifying 84 artifacts in a supply chain attack that could compromise major developer ecosystems. The malicious code, aimed at stealing credentials, was published across 42 packages on May 11, with some, like @tanstack/react-router, downloaded over 12 million times weekly.

Analyst 207
Jenkins plugin page on a computer screen shows a warning message with a blurred software development workspace background.

Checkmarx Plugin Compromised with Infostealer in Supply-Chain Attack

A rogue version of Checkmarx's Jenkins Application Security Testing plugin was compromised by the TeamPCP hacker group, who left a taunting message in the about section, claiming another supply-chain attack success. The group has been linked to a string of similar breaches, delivering credential-stealing malware.

Analyst 207
Laptop with blank screen surrounded by npm packages and JavaScript code in a brightly-lit software development environment.

Malware Targets SAP npm Packages in Supply Chain Attack

A new supply-chain attack campaign, dubbed mini Shai-Hulud, is targeting SAP-related npm packages, delivering credential-stealing malware that threatens JavaScript and cloud applications. This sneaky attack puts sensitive data at risk, and experts are warning of a potentially massive impact.

Analyst 207
Malware Infiltrates Leaked Claude Code Downloads

Malware Infiltrates Leaked Claude Code Downloads

Tens of thousands of people who downloaded the leaked Claude Code over the last week unknowingly installed credential-stealing malware, including Vidar stealer and GhostSocks, alongside the purported source code. This digital trap turned what seemed like open-source gold into a digital pickpocket, putting sensitive information at risk.

Analyst 207
PyPI Breach: TeamPCP's Alarming Software Supply Chain Attack Uncovered

PyPI Breach: TeamPCP's Alarming Software Supply Chain Attack Uncovered

A shocking new software supply chain attack has been uncovered, putting developers and users on high alert: a malicious package on PyPI, disguised as a legitimate tool, has been delivering credential-stealing malware. Can you trust the software you download?

Analyst 207
Malicious PyPI Packages Spread Devastating Malware

Malicious PyPI Packages Spread Devastating Malware

Malicious actors have struck again, this time infiltrating the Python Package Index (PyPI) with tainted versions of popular packages Telnyx and LiteLLM, putting developers' sensitive credentials at risk. Can we trust the software supply chain when even seemingly secure systems can be breached?

Analyst 207