JulesJacker: A Fake-PoC npm Worm That Impersonates Google’s Jules Agent — and Turns on the Sandbox Analyzing It
RuntimeBroker: an npm Typosquat Plants a 40-Chain Crypto-Clipper as a Cross-OS \”System Runtime Helper”\
攻击分析 Ectoplasm: npm install hooks that harvest AWS credentials behind a container-only trigger 2026 年 6 月 12 日
攻击分析 PairLoop: One npm Package, Seventy Versions, and a Hidden Windows Remote-Control Panel 2026 年 6 月 5 日
攻击分析 ConsentMask: An npm Package That Wears a Telemetry Consent Banner Over Developer-Identity Harvesting 2026 年 6 月 4 日
攻击分析 JulesJacker: A Fake-PoC npm Worm That Impersonates Google’s Jules Agent — and Turns on the Sandbox Analyzing It 2026 年 5 月 29 日
攻击分析 RuntimeBroker: an npm Typosquat Plants a 40-Chain Crypto-Clipper as a Cross-OS \”System Runtime Helper”\ 2026 年 5 月 22 日
攻击分析 AuditorTrap: A 22-Package Fake Crypto Security Guild on npm With Two Parallel Payloads 2026 年 5 月 21 日
攻击分析 PhantomBot: A Typosquat Campaign That Pivoted From Credential Theft to a Turnkey Botnet Kit 2026 年 5 月 18 日
