Attacks Analysis

09 Jun SeedSweep: Ten Crypto-Themed npm Packages That Only Run When No One Is Watching

Posted at 11:12h in Attacks Analysis, Must Read, Secrets Security by Xygeni Security Team 0 Comments

Uncover the details of The 24712-pl Campaign and the zero-dependency packages exploited during a security incident....

Read More

05 Jun PairLoop: One npm Package, Seventy Versions, and a Hidden Windows Remote-Control Panel

Posted at 11:48h in Attacks Analysis, Must Read, Secrets Security by Xygeni Security Team 0 Comments

Uncover the details of The 24712-pl Campaign and the zero-dependency packages exploited during a security incident....

Read More

04 Jun ConsentMask: An npm Package That Wears a Telemetry Consent Banner Over Developer-Identity Harvesting

Posted at 12:00h in Attacks Analysis, Must Read, Secrets Security by Xygeni Security Team 0 Comments

Uncover the details of The 24712-pl Campaign and the zero-dependency packages exploited during a security incident....

Read More

29 May JulesJacker: A Fake-PoC npm Worm That Impersonates Google’s Jules Agent — and Turns on the Sandbox Analyzing It

Posted at 11:58h in Attacks Analysis, Must Read, Secrets Security by Xygeni Security Team 0 Comments

Uncover the details of The 24712-pl Campaign and the zero-dependency packages exploited during a security incident....

Read More

22 May RuntimeBroker: an npm Typosquat Plants a 40-Chain Crypto-Clipper as a Cross-OS \”System Runtime Helper”\

Posted at 12:52h in Attacks Analysis, Must Read, Secrets Security by Xygeni Security Team 0 Comments

Uncover the details of The 24712-pl Campaign and the zero-dependency packages exploited during a security incident....

Read More

21 May AuditorTrap: A 22-Package Fake Crypto Security Guild on npm With Two Parallel Payloads

Posted at 12:18h in Attacks Analysis, Must Read, Secrets Security by Xygeni Security Team 0 Comments

Uncover the details of The 24712-pl Campaign and the zero-dependency packages exploited during a security incident....

Read More

18 May PhantomBot: A Typosquat Campaign That Pivoted From Credential Theft to a Turnkey Botnet Kit

Posted at 09:44h in Attacks Analysis, Must Read, Secrets Security by Xygeni Security Team 0 Comments

Uncover the details of The 24712-pl Campaign and the zero-dependency packages exploited during a security incident....

Read More

08 May AWS Lambda npm Dependency Confusion Attack: The 24712-pl Campaign

Posted at 12:44h in Attacks Analysis, Must Read, Secrets Security by Xygeni Security Team 0 Comments

Uncover the details of The 24712-pl Campaign and the zero-dependency packages exploited during a security incident....

Read More

07 May alone5511 npm Dependency Confusion Attack

Posted at 14:39h in Attacks Analysis, Must Read, Secrets Security by Xygeni Security Team 0 Comments

An npm dependency confusion attack used eight malicious packages to fingerprint hosts and send RCE telemetry to Telegram....

Read More

06 May EVM/DeFi npm Typosquatting Attack Steals Developer Keys

Posted at 14:58h in Attacks Analysis, Must Read, Secrets Security by Xygeni Security Team 0 Comments

A npm typosquatting attack used six malicious EVM/DeFi packages to steal developer keys, wallets, secrets, and .env files....

Read More

04 May FauxCode: Reverse-Engineered Claude Code Routes Through Attackers

Posted at 19:37h in Attacks Analysis, Must Read, Secrets Security by Xygeni Security Team 0 Comments

FauxCode Claude Code npm malware used fake CLI packages to intercept API traffic through CA-bundle MITM and base URL hijacking....

Read More

04 May DevTap npm Typosquatting Attack: Six Malicious Packages Target Developer Workstations

Posted at 18:43h in Attacks Analysis, Must Read, Secrets Security by Xygeni Security Team 0 Comments

DevTap npm typosquatting attack used six malicious packages to spy on developer workstations and abuse npm trust....

Read More