T1583.006 6

• Fake imToken Chrome Extension Steals Seed Phrases via Phishing Redirects Mar 5, 2026
• Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations Dec 23, 2025
• Inside the GitHub Infrastructure Powering North Korea's Contagious Interview npm Attacks Nov 26, 2025
• North Korean APT Lazarus Targets Developers with Malicious npm Package Jan 29, 2025
• Gmail For Exfiltration: Malicious npm Packages Target Solana Private Keys and Drain Victims' Wallets Jan 8, 2025
• Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft Nov 27, 2024