Latest Threats & Blogs
Test Blog
"This update to our Content Security Policy adds an additional layer of protection by blocking unauthorized scripts, further helping safeguard your organization against evolving security threats," Kokkalera added.
This move …
Typosquatted Packages Deploy Multi-Stage Credential Harvester
Security researchers discovered 10 dangerous, fake software packages on the npm registry that have been actively stealing user login information for over four months, accumulating nearly 10,000 downloads. These packages …
PhantomRaven attack floods npm with credential-stealing packages
An active campaign named ‘PhantomRaven’ is targeting developers with dozens of malicious npm packages that steal authentication tokens, CI/CD secrets, and GitHub credentials.
The activity started in August and deployed …