Arabian Post on MSN

Massive npm-Based Phishing Network Exposed Under “Beamglea” Campaign

Security analysts have uncovered a large-scale phishing operation utilising 175 npm packages as infrastructure to redirect victims to credential-harvesting sites. The packages, collectively downloaded ...
The Hacker News

npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels

Researchers expose Discord webhook C2 in npm, PyPI, RubyGems; North Korean actors published 338 malicious npm packages with ...