Malicious Rust Crate Targets Web3 Developers
Researchers have uncovered a supply chain attack involving a malicious Rust crate named evm-units, designed to deliver OS-specific malware to developer systems under the guise […]
malicious
NPM packages Causes Havoc
Ten typosquatting npm packages were published that execute an obfuscated loader at postinstall, display a fake ASCII CAPTCHA, fingerprint victims, download a 24 MB PyInstaller-packaged […]
Crypto-Stealing VSCode Extensions Resurface—A Warning for Developers and Security Teams
A new report from Koi Security has revealed that malicious Visual Studio Code (VSCode) extensions—previously removed from Microsoft’s marketplace—have resurfaced on OpenVSX, a community-maintained registry […]