Packages of Computer - Search News

Dozens of malicious packages on NPM collect host and network data

60 packages have been discovered in the NPM index that attempt to collect sensitive host and network data and send it to a Discord webhook controlled by the threat actor. According to Socket’s Threat ...

Bleeping Computer

SSH keys stolen by stream of malicious PyPI and npm packages

A stream of malicious npm and PyPi packages have been found stealing a wide range of sensitive data from software developers on the platforms. The campaign started on September 12, 2023, and was first ...

Wired

AI Code Hallucinations Increase the Risk of ‘Package Confusion’ Attacks

AI-generated computer code is rife with references to nonexistent third-party libraries, creating a golden opportunity for supply-chain attacks that poison legitimate programs with malicious packages ...

Some results have been hidden because they may be inaccessible to you

Show inaccessible results

Dozens of malicious packages on NPM collect host and network data

SSH keys stolen by stream of malicious PyPI and npm packages

AI Code Hallucinations Increase the Risk of ‘Package Confusion’ Attacks

Trending now