home.social

#credentialstealingmalware — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #credentialstealingmalware, aggregated by home.social.

  1. GitHub Repos Targeted in 5,500+ Malicious Commits

    A shocking new campaign, dubbed Megalodon, has injected malware into over 5,500 GitHub repositories, putting sensitive credentials and tokens at risk of being stolen. This alarming attack highlights the growing threat of supply chain attacks, with experts warning that this could be just the beginning.

    osintsights.com/github-repos-t

    #SupplyChain #MaliciousCommits #CredentialstealingMalware #CicdPipeline #Megalodon

  2. Malware Targets TanStack npm Packages in Supply Chain Attack

    Malware attackers have infiltrated the TanStack npm packages, modifying 84 artifacts in a supply chain attack that could compromise major developer ecosystems. The malicious code, aimed at stealing credentials, was published across 42 packages on May 11, with some, like @tanstack/react-router, downloaded over 12 million times…

    osintsights.com/malware-target

    #SupplyChainAttack #Tanstack #Npm #MalwareOperations #CredentialstealingMalware