Socket

Entity category: organization

Cybersecurity

Malicious Rust Packages Target Web3 Developers

December 5, 2025
Wooden cube with glowing skull on dark wooden surface with smoke.

Malicious packages uploaded to the Rust registry (crates.io) impersonated legitimate developer tools, stealing cryptocurrency by executing a stealthy, multi-stage attack…

Read More »
Cybersecurity

New npm Malware Hijacks Browsers for Crypto Scams

November 19, 2025
Digital cryptocurrency icons including Bitcoin, Ethereum, Ripple, Litecoin, and Zcash against a backdrop of binary code.

A malware campaign using seven npm packages hijacked browsers to redirect users to cryptocurrency scams, employing cloaking and anti-analysis techniques…

Read More »
Cybersecurity

Malicious NPM Packages Use Adspect to Evade Detection

November 19, 2025
A hooded figure with a digital face displaying code, set against a blurred city background.

Seven malicious npm packages used the Adspect cloaking service to distinguish between security researchers and real targets, redirecting only the…

Read More »
Business

Malicious NuGet Packages Deploy Destructive Time Bombs

November 9, 2025
Close-up of a rackmount industrial control system with illuminated displays and status lights.

Malicious packages on NuGet, uploaded by shanhai666, contain hidden payloads set to activate between 2027 and 2028, targeting database systems…

Read More »
BigTech Companies

Self-Propagating Attack Infects 187 npm Packages

September 19, 2025
npm logo in a red neon tunnel, symbolizing the vast network of JavaScript packages.

A self-propagating worm named 'Shai-Hulud' has compromised at least 187 npm packages, starting with @ctrl/tinycolor and spreading to include modules…

Read More »
Cybersecurity

NPM Supply-Chain Attack Thwarted: Hackers Foiled

September 12, 2025
Hooded figure in red, wearing a mask, sits before glowing screens displaying Bitcoin and data streams.

A massive supply-chain attack on the NPM ecosystem was quickly neutralized, preventing a catastrophic security incident despite malicious updates reaching…

Read More »
Cybersecurity

Massive Supply-Chain Attack Hits 2B+ Weekly Downloads

September 9, 2025
Cybersecurity warning: Multiple screens display red warning triangles with exclamation points against a binary code background.

A software supply-chain attack compromised nearly two dozen npm packages with two billion weekly downloads, making it one of the…

Read More »
Newswire

Beware: Malicious npm Package Impersonates Email Library

September 3, 2025
Person checking email on laptop, new message notification shown.

A malicious npm package named "nodejs-smtp" impersonates the legitimate nodemailer library, compromising cryptocurrency wallets by altering transaction details to redirect…

Read More »
BigTech Companies

Popular Password Managers Vulnerable to Clickjacking Login Leaks

August 21, 2025
Cybersecurity concept: Close-up of padlocks on a circuit board, glowing blue, symbolizing digital data protection.

Six major password managers with millions of users are vulnerable to unpatched clickjacking attacks, which can expose sensitive data like…

Read More »
Artificial Intelligence

Claude Connectors: Explore Anthropic’s New Tool Directory

July 15, 2025
Abstract art featuring a starburst within overlapping rainbow arches on a terracotta background.

Anthropic introduced Claude Connectors, enabling seamless integration with external data sources, including cloud services and desktop apps, to enhance functionality.…

Read More »