T1036.005 17

• Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys Sep 24, 2025
• Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions Aug 29, 2025
• Surveillance Malware Hidden in npm and PyPI Packages Targets Developers with Keyloggers, Webcam Capture, and Credential Theft Jul 23, 2025
• Malicious Ruby Gems Exfiltrate Telegram Tokens and Messages Following Vietnam Ban Jun 3, 2025
• Monkey-Patched PyPI Packages Use Transitive Dependencies to Steal Solana Private Keys May 29, 2025
• Typosquatted Go Packages Deliver Malware Loader Targeting Linux and macOS Systems Mar 4, 2025
• Go Supply Chain Attack: Malicious Package Exploits Go Module Proxy Caching for Persistence Feb 4, 2025
• North Korean APT Lazarus Targets Developers with Malicious npm Package Jan 29, 2025
• Gmail For Exfiltration: Malicious npm Packages Target Solana Private Keys and Drain Victims' Wallets Jan 8, 2025
• Weaponizing OAST: How Malicious Packages Exploit npm, PyPI, and RubyGems for Data Exfiltration and Recon Jan 3, 2025
• Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts Dec 20, 2024
• Skuld Infostealer Returns to npm with Fake Windows Utilities and Malicious Solara Development Packages Dec 18, 2024
• Malicious Maven Package Impersonating 'XZ for Java' Library Introduces Backdoor Allowing Remote Code Execution Dec 6, 2024
• Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft Nov 27, 2024
• Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries Nov 22, 2024
• Roblox Developers Targeted with npm Packages Infected with Skuld Infostealer and Blank Grabber Nov 8, 2024
• Typosquatting on PyPI: Malicious Package Mimics Popular 'browser-cookie3' Library to Steal Sensitive Data Oct 11, 2024