Security Boulevard
PhantomRaven Wave 5: New Undocumented NPM Supply Chain Campaign Targets DeFi, Cloud, and AI Developers Tom Abai
PhantomRaven Wave 5: New Undocumented NPM Supply Chain Campaign Targets DeFi, Cloud, and AI Developers The post PhantomRaven Wave 5: New Undocumented NPM Supply Chain Campaign Targets DeFi, Cloud, and AI Developers appeared first on Security Boulevard.
3 de Maio de 2026, 09:05

PhantomRaven Wave 5: New Undocumented NPM Supply Chain Campaign Targets DeFi, Cloud, and AI Developers

3 de Maio de 2026, 09:05

The post PhantomRaven Wave 5: New Undocumented NPM Supply Chain Campaign Targets DeFi, Cloud, and AI Developers appeared first on Security Boulevard.

Security Boulevard
Poisoned Axios: npm Account Takeover, 50 Million Downloads, and a RAT That Vanishes After Install Tom Abai
See how the attack works, what to look for, and how to remediate. The post Poisoned Axios: npm Account Takeover, 50 Million Downloads, and a RAT That Vanishes After Install appeared first on Security Boulevard.
31 de Março de 2026, 04:41

Poisoned Axios: npm Account Takeover, 50 Million Downloads, and a RAT That Vanishes After Install

Security Boulevard

Por:Tom Abai

31 de Março de 2026, 04:41

See how the attack works, what to look for, and how to remediate.

The post Poisoned Axios: npm Account Takeover, 50 Million Downloads, and a RAT That Vanishes After Install appeared first on Security Boulevard.

Security Boulevard
CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive Tom Abai
On March 20, 2026 at 20:45 UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were receiving unauthorized patch updates, all containing the same hidden malicious code. What they had caught was CanisterWorm, a self-spreading npm worm deployed by the threat actor group TeamPCP. We track this […] The post CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive appeared first on Security Boulevar
21 de Março de 2026, 17:37

CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive

Security Boulevard

Por:Tom Abai

21 de Março de 2026, 17:37

On March 20, 2026 at 20:45 UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were receiving unauthorized patch updates, all containing the same hidden malicious code. What they had caught was CanisterWorm, a self-spreading npm worm deployed by the threat actor group TeamPCP. We track this […]

The post CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive appeared first on Security Boulevard.

Visualização normal