Arabian Post

CanisterWorm exploits npm accounts at scale

The campaign has been linked to a group identified as “TeamPCP,” which has systematically targeted maintainers of popular npm ...
Dark Reading

North Korea's Moonstone Sleet Widens Distribution of Malicious Code

A newly identified North Korean threat actor has widened its distribution of malicious node package manager (npm) code to public registries. And it's differentiating itself from other state-sponsored ...