October 2, 2023
Nearly 90% of companies report they have detected a security issue in their software supply chain in the last 12 months.
September 1, 2023
Three newly discovered malicious Python packages posted to the Python Package Index (PyPI) are now believed to be part of the VMConnect campaign and have also been tied to the North Korean Lazarus Group.
August 31, 2023
North Korean state-sponsored hackers have uploaded malicious packages to the PyPI (Python Package Index) repository
August 25, 2023
Roblox gaming developers are lured in by a package that claims to create useful scripts to interact with the Roblox website
August 25, 2023
Malicious npm packages target Roblox devs
August 23, 2023
The campaign, discovered by researchers at ReversingLabs, uses typo-squatting and a number of sophisticated obfuscation tactics to entice users into downloading fake versions of commonly used software on npm, a popular open source software library.