2026

• 20 Mar CanisterWorm: npm Publisher Compromise Deploys Backdoor
• 13 Mar 72 Malicious Open VSX Extensions Linked to GlassWorm
• 10 Mar 5 Malicious Rust Crates Posed as Time Utilities
• 05 Mar Fake imToken Extension Steals Seed Phrases
• 26 Feb Malicious Go "crypto" Module Steals Passwords and Deploys Rekoobe Backdoor
• 20 Feb SANDWORM_MODE: Shai-Hulud-Style npm Worm
• 13 Feb Malicious Chrome Extension Steals Meta 2FA Seeds
• 31 Jan GlassWorm Loader Hits Open VSX via Account Compromise
• 21 Jan sympy-dev Typosquat Delivers Cryptomining Malware
• 12 Jan Malicious Chrome Extension Steals MEXC API Keys

2025

• 23 Dec npm-Hosted Spearphishing Targets U.S. Manufacturing
• 15 Dec Malicious NuGet Typosquats .NET Tracing Library
• 05 Dec Malicious Go Packages Impersonate Google's UUID Library
• 26 Nov Inside North Korea's Contagious Interview npm Attacks
• 24 Nov Shai Hulud Strikes Again (v2)
• 12 Nov Malicious Chrome Extension Exfiltrates Seed Phrases
• 22 Oct Malicious NuGet Packages Typosquat Nethereum
• 18 Oct 131 Spamware Extensions Targeting WhatsApp
• 10 Oct North Korea: 338 Malicious npm Packages, 50,000 Downloads
• 24 Sep Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
• 17 Sep Identifying and Preventing Fraudulent Engineering Candidates
• 15 Sep Tinycolor npm Supply Chain Attack Affects 40+ Packages
• 29 Aug Wallet-Draining npm Package Impersonates Nodemailer
• 21 Aug Malicious Go Module Exfiltrates Credentials via Telegram
• 07 Aug 60 Malicious Ruby Gems Used in Targeted Credential Theft Campaign
• 23 Jul Surveillance Malware Hidden in npm and PyPI Packages
• 22 Jul npm 'is' Package Hijacked in Expanding Supply Chain Attack
• 14 Jul Contagious Interview Escalates With 67 Malicious npm Packages
• 25 Jun North Korean Contagious Interview Drops 35 Malicious npm Packages
• 12 Jun 2025 Blockchain and Cryptocurrency Threat Report
• 03 Jun Malicious Ruby Gems Exfiltrate Telegram Tokens and Messages Following Vietnam Ban
• 29 May Monkey-Patched PyPI Packages Steal Solana Private Keys
• 23 May 60 Malicious npm Packages Leak Network and Host Data
• 19 May Malicious Koishi Chatbot Plugin Exfiltrates Messages
• 14 May Malicious Open Source Packages: 2025 Mid‑Year Threat Report
• 07 May Malicious npm Packages Hijack Cursor Editor on macOS
• 22 Apr Malicious npm and PyPI Packages Steal Wallet Credentials
• 04 Apr Lazarus Expands npm Campaign: 11 New Packages
• 19 Mar Black Basta's Dependency Confusion and Ransomware in OSS
• 10 Mar Lazarus Strikes npm Again with New Wave of Malicious Packages
• 04 Mar Typosquatted Go Packages Deliver Malware Loader
• 25 Feb Malicious PyPI Package Exploits Deezer API for Coordinated Music Piracy
• 04 Feb Malicious Package Exploits Go Module Proxy Caching
• 29 Jan Lazarus Targets Developers with Malicious npm Package
• 08 Jan Malicious npm Packages Target Solana Keys via Gmail
• 03 Jan Weaponizing OAST: Malicious Packages Exploit npm, PyPI, and RubyGems

2024

• 20 Dec Quasar RAT Disguised as an npm Package
• 18 Dec Skuld Infostealer Returns to npm
• 06 Dec Malicious Maven Package Impersonating 'XZ for Java' Library
• 27 Nov Typosquatting Cryptographic Libraries: Keylogging and Wallet Theft
• 22 Nov Malicious npm Packages Inject SSH Backdoors via Typosquats
• 19 Nov Exploiting npm to Build Blockchain-Powered Botnets
• 08 Nov Roblox Developers Targeted with Infected npm Packages
• 31 Oct npm Malware Campaign Leverages Ethereum Smart Contracts
• 31 Oct Author Typosquatting on npm: Impersonating Sindre Sorhus
• 23 Oct Noxia: Dark Web Hosting Targets Open Source Ecosystems
• 11 Oct Typosquatting on PyPI: Mimicking 'browser-cookie3'

2023

• 12 Jan Current Trends in the Turkish-Language Dark Web

2022

• 30 Aug Combating Human Trafficking — Prosecution

2021

• 25 Feb The Business of Fraud: An Overview of How Cybercrime Gets Monetized

2020

• 16 Jun Checkers and Brute Forcers Highlight Dangers of Poor Password Management
• 24 Mar Combating the Underground Economy's Automation Revolution

2019

• 30 Sep The Price of Influence: Disinformation in the Private Sector