Infosecurity-magazine.com

Malicious npm Packages Exploit Ethereum Smart Contracts

A malicious campaign targeting developers through npm and GitHub repositories has been uncovered, featuring an unusual method of using Ethereum smart contracts to conceal command-and-control (C2) ...
Dark Reading

Malicious Open Source Packages Spike 188% YoY

Due to automation and a high-reward, low-risk threat environment, open source malware increased 188% year over year in the second quarter of this year. Supply-chain security vendor Sonatype today ...