developer security - The Cyber Trove

36 Malicious npm Strapi Packages Used in Targeted Supply Chain Attack

Latest News

36 Malicious npm Strapi Packages Used in Targeted Supply Chain Attack

A sophisticated software supply chain attack has been discovered targeting developers using Strapi. Attackers published 36 … 36 Malicious npm Strapi Packages Used in Targeted Supply Chain Attack Read more

by Rakesh•April 6, 2026April 6, 2026•0

Axios npm Supply Chain Attack: Detection, Risks, and Mitigation Guide

Latest News

Axios npm Supply Chain Attack: Detection, Risks, and Mitigation Guide

On March 31, 2026, the cybersecurity community faced a major wake-up call when a widely trusted … Axios npm Supply Chain Attack: Detection, Risks, and Mitigation Guide Read more

by Rakesh•April 3, 2026April 3, 2026•0

Backdoored Telnyx Python SDK on PyPI Steals Credentials Across Platforms

Latest News

Backdoored Telnyx Python SDK on PyPI Steals Credentials Across Platforms

A new software supply chain attack has targeted developers after threat actors compromised the Telnyx Python … Backdoored Telnyx Python SDK on PyPI Steals Credentials Across PlatformsRead more

by Rakesh•April 1, 2026April 1, 2026•0

Malicious Axios Package Delivers WAVESHAPER.V2 Backdoor in Supply Chain Attack

Latest News

Malicious Axios Package Delivers WAVESHAPER.V2 Backdoor in Supply Chain Attack

A major software supply chain attack has impacted the JavaScript ecosystem after threat actors compromised the … Malicious Axios Package Delivers WAVESHAPER.V2 Backdoor in Supply Chain AttackRead more

by Rakesh•April 1, 2026April 1, 2026•0

CanisterWorm Spreads Through npm Accounts Stealing Tokens

Latest News

CanisterWorm Spreads Through npm Accounts Stealing Tokens

A new supply chain malware campaign called CanisterWorm is targeting the npm ecosystem by compromising publisher … CanisterWorm Spreads Through npm Accounts Stealing TokensRead more

by Rakesh•March 23, 2026March 23, 2026•0

Malicious Next.js Repositories Target Developers

Latest News

Malicious Next.js Repositories Target Developers

Software supply chain attacks are no longer limited to package managers or CI/CD pipelines. Threat actors … Malicious Next.js Repositories Target DevelopersRead more

by Rakesh•February 25, 2026February 25, 2026•0

Dangerous duer-js NPM Package Infects Windows Users

Latest News

Dangerous duer-js NPM Package Infects Windows Users

A malicious NPM package named duer-js has been discovered targeting Windows users and developers. Disguised as … Dangerous duer-js NPM Package Infects Windows UsersRead more

by Rakesh•February 12, 2026February 12, 2026•0

Latest News

GlassWorm Malware: Supply Chain Attack Targeting VSX Developers

Software supply chain attacks are no longer rare, and the GlassWorm malware campaign proves how dangerous … GlassWorm Malware: Supply Chain Attack Targeting VSX DevelopersRead more

by Rakesh•February 4, 2026February 4, 2026•0

Hidden Backdoor Found in Popular Go Packages

Latest News

Hidden Backdoor Found in Popular Go Packages

The Go programming ecosystem has been hit by a long-running supply chain attack that secretly targeted … Hidden Backdoor Found in Popular Go PackagesRead more

by Rakesh•December 8, 2025December 8, 2025•0