Tag: infosec
Threat campaign fooling developers in GitHub repos
A threat campaign has been targeting software developers through GitHub repos that, at first glance, look completely legitimate. Security researchers from ReversingLabs found over 60 GitHub repos containing what appeared to be ordinary hacking tools written in Python. But look a bit closer – or rather, scroll a bit further right – and you’d find…
JavaScript packages hide ‘protestware’ against Russian users
Security researchers from Socket have stumbled upon a digital booby trap set for Russian-language users within JavaScript packages. The researchers found two npm packages – with the rather innocuous names @link-loom/ui-sdk and @link-loom-react-sdk – that look normal on the surface. They’re designed to help developers create nice-looking pop-up notifications in web applications. Yet, beneath this…
Future of development or risky shortcut?
So-called “vibe coding” is both exciting and a little unnerving—it’s a shift away from the painstaking, line-by-line grind of traditional coding towards something more fluid and conversational. The idea behind vibe coding is that you can collaborate with an AI, describe what you want, and watch as it constructs a working application. It promises a…
Veracode unravels 12-layer npm attack to find RAT
Security researchers at Veracode, during their routine monitoring of the open-source world, stumbled upon two seemingly harmless software packages on the popular npm repository. However, when they looked inside, they weren’t greeted with code; instead, they faced a wall of Unicode characters, predominantly in Japanese Katakana and Hiragana. “What started as an investigation into a…
Package lurking in npm for six years waits to destroy your work
Socket’s threat researchers have uncovered a package lurking in npm for six years that awaits a remote command to wipe projects. The culprit? A package called xlsx-to-json-lh, which mimics the legitimate xlsx-to-json-lc package. Notice the difference? Just one letter separates them, an ‘h’ instead of a ‘c’ – an easy mistake for even careful developers…