T1567.004 6

• Surveillance Malware Hidden in npm and PyPI Packages Targets Developers with Keyloggers, Webcam Capture, and Credential Theft Jul 23, 2025
• 60 Malicious npm Packages Leak Network and Host Data in Active Malware Campaign May 23, 2025
• Skuld Infostealer Returns to npm with Fake Windows Utilities and Malicious Solara Development Packages Dec 18, 2024
• Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries Nov 22, 2024
• Roblox Developers Targeted with npm Packages Infected with Skuld Infostealer and Blank Grabber Nov 8, 2024
• Typosquatting on PyPI: Malicious Package Mimics Popular 'browser-cookie3' Library to Steal Sensitive Data Oct 11, 2024