JulesJacker: A Fake-PoC npm Worm That Impersonates Google’s Jules Agent — and Turns on the Sandbox Analyzing It
RuntimeBroker: an npm Typosquat Plants a 40-Chain Crypto-Clipper as a Cross-OS \”System Runtime Helper”\
Analyse des attaques Ectoplasm: npm install hooks that harvest AWS credentials behind a container-only trigger Le 12 juin 2026
Analyse des attaques SeedSweep: Ten Crypto-Themed npm Packages That Only Run When No One Is Watching Le 9 juin 2026
Analyse des attaques PairLoop: One npm Package, Seventy Versions, and a Hidden Windows Remote-Control Panel Le 5 juin 2026
Analyse des attaques ConsentMask: An npm Package That Wears a Telemetry Consent Banner Over Developer-Identity Harvesting Le 4 juin 2026
Analyse des attaques JulesJacker: A Fake-PoC npm Worm That Impersonates Google’s Jules Agent — and Turns on the Sandbox Analyzing It 29 mai 2026
Analyse des attaques RuntimeBroker: an npm Typosquat Plants a 40-Chain Crypto-Clipper as a Cross-OS \”System Runtime Helper”\ 22 mai 2026
Analyse des attaques AuditorTrap: A 22-Package Fake Crypto Security Guild on npm With Two Parallel Payloads 21 mai 2026
Analyse des attaques PhantomBot: A Typosquat Campaign That Pivoted From Credential Theft to a Turnkey Botnet Kit 18 mai 2026
