Topic: developer security recommendations

Sort by: Relevance | Date
  • Popular NPM 'is' Package Infects 2.8M Weekly Users with Malware
    July 25, 2025

    Popular NPM 'is' Package Infects 2.8M Weekly Users with Malware

    A widely-used NPM package called 'is' was compromised in a supply chain attack, distributing malware-infected versions (3.3.1 to 5.0.0) with a backdoor enabling remote code execution. Attackers used phishing via a fake npmjs.com domain to hijack maintainer accounts, pushing malicious updates to m...

    Read More »
  • Banana Squad's GitHub Malware Attack Targets Developers
    June 20, 2025

    Banana Squad's GitHub Malware Attack Targets Developers

    Cybersecurity experts discovered a malware campaign by Banana Squad targeting developers via 67 fake GitHub repositories, distributing trojanized Python files disguised as hacking tools. Attackers hid malicious code using long space strings on GitHub, evading standard views, marking a shift i...

    Read More »

Related Topics

system data collection (1) infostealer scavanger (1) Supply Chain Attacks (1) maintainer account security (1) github malware campaign (1) open-source ecosystem threats (1) banana squad threat group (1) trojanized python repositories (1)