Dependency hijacking: Dissecting North Korea’s new wave of DeFi-themed open source attacks targeting developers

Poppaea McDermott /

Sep 10, 2024

Threat Analysis

Cross-platform RAT deployed by weaponized 'requests' clone

Luke Hinds / Poppaea McDermott /

Aug 30, 2024

Threat Analysis

NPM packages leveraged for cryptocurrency theft

Poppaea McDermott /

Aug 2, 2024

Threat Analysis

DestroyLoneliness: npm starjacking attack on Roblox Node.js library delivers QuasarRAT

Poppaea McDermott /

Jul 11, 2024

Threat Analysis

Python typosquatting attack targets popular open source PyPI library with 30M weekly downloads

Luis Juncal / Luke Hinds /

Jun 6, 2024

Threat Analysis

The good, the bad and the ugly of the XZ vulnerability

Craig McLuckie /

Apr 1, 2024

Threat Analysis

An analysis of an obfuscated JavaScript malware package

Luke Hinds / Edward Thomson /

Mar 27, 2024

Threat Analysis

How npm install scripts can be weaponized: A real-world example of a harmful npm package

Edward Thomson /

Mar 3, 2024

Threat Analysis

Docs

Categories

Resources categorized "Threat Analysis"

There are a total of (8) items.

Dependency hijacking: Dissecting North Korea’s new wave of DeFi-themed open source attacks targeting developers

Cross-platform RAT deployed by weaponized 'requests' clone

NPM packages leveraged for cryptocurrency theft

DestroyLoneliness: npm starjacking attack on Roblox Node.js library delivers QuasarRAT

Python typosquatting attack targets popular open source PyPI library with 30M weekly downloads

The good, the bad and the ugly of the XZ vulnerability

An analysis of an obfuscated JavaScript malware package

How npm install scripts can be weaponized: A real-world example of a harmful npm package

Don't be a stranger

Newsletter

Stay in the loop

Explore our GitHub repo

Dive into our Discord