SecurityWeek

North Korean Hackers Target High-Profile Node.js Maintainers

The North Korean threat actor behind the Axios supply chain attack has been targeting high-profile Node.js maintainers.
Dark Reading

Automated Credential Harvesting Campaign Exploits React2Shell Flaw

An emerging threat cluster is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to steal credentials ...
SecurityWeek

Guardarian Users Targeted With Malicious Strapi NPM Packages

A threat actor has used 36 malicious NPM packages posing as Strapi plugins to distribute malware targeting Redis, Docker, and ...