T1204.005 6

• Malicious Ruby Gems and Go Modules Impersonate Developer Tools to Steal Secrets and Poison CI Apr 30, 2026
• Malicious Go "crypto" Module Steals Passwords and Deploys Rekoobe Backdoor Feb 26, 2026
• PyPI Package Impersonates SymPy to Deliver Cryptomining Malware Jan 21, 2026
• Malicious NuGet Package Typosquats Popular .NET Tracing Library to Steal Wallet Passwords Dec 15, 2025
• Malicious Go Packages Impersonate Google's UUID Library and Exfiltrate Data Dec 5, 2025
• Inside the GitHub Infrastructure Powering North Korea's Contagious Interview npm Attacks Nov 26, 2025