Infostealer 20

• 5 Malicious Rust Crates Posed as Time Utilities to Exfiltrate .env Files Mar 10, 2026
• Malicious Chrome Extension Steals Meta Business Manager Exports and TOTP 2FA Seeds Feb 13, 2026
• Inside the GitHub Infrastructure Powering North Korea's Contagious Interview npm Attacks Nov 26, 2025
• Shai Hulud Strikes Again (v2) Nov 24, 2025
• Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys Sep 24, 2025
• Popular Tinycolor npm Package Compromised in Supply Chain Attack Affecting 40+ Packages Sep 15, 2025
• Malicious Go Module Disguised as SSH Brute Forcer Exfiltrates Credentials via Telegram Aug 21, 2025
• 60 Malicious Ruby Gems Used in Targeted Credential Theft Campaign Aug 7, 2025
• Surveillance Malware Hidden in npm and PyPI Packages Targets Developers with Keyloggers, Webcam Capture, and Credential Theft Jul 23, 2025
• npm 'is' Package Hijacked in Expanding Supply Chain Attack Jul 22, 2025
• 2025 Blockchain and Cryptocurrency Threat Report: Malware in the Open Source Supply Chain Jun 12, 2025
• Monkey-Patched PyPI Packages Use Transitive Dependencies to Steal Solana Private Keys May 29, 2025
• The Landscape of Malicious Open Source Packages: 2025 Mid‑Year Threat Report May 14, 2025
• The Bad Seeds: Malicious npm and PyPI Packages Pose as Developer Tools to Steal Wallet Credentials Apr 22, 2025
• Gmail For Exfiltration: Malicious npm Packages Target Solana Private Keys and Drain Victims' Wallets Jan 8, 2025
• Skuld Infostealer Returns to npm with Fake Windows Utilities and Malicious Solara Development Packages Dec 18, 2024
• Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft Nov 27, 2024
• Roblox Developers Targeted with npm Packages Infected with Skuld Infostealer and Blank Grabber Nov 8, 2024
• Typosquatting on PyPI: Malicious Package Mimics Popular 'browser-cookie3' Library to Steal Sensitive Data Oct 11, 2024
• Combating the Underground Economy's Automation Revolution Mar 24, 2020