Ten malicious packages mimicking legitimate software projects in the npm registry download an information-stealing component ...
The bug exposes the Metro development server to remote attacks, allowing arbitrary OS command execution on developer systems ...
The vulnerability, tracked as CVE-2025-11953, carries a CVSS score of 9.8 out of a maximum of 10.0, indicating critical severity. It also affects the "@react-native-community/cli-server-api" package ...
Recently, security researchers Socket found 10 packages on npm targeting software developers, specifically those who use the ...
Researchers say the malware was in the repository for two weeks, advise precautions to defend against malicious packages.
Software supply chain security firm JFrog has disclosed the details of a critical vulnerability affecting a popular React ...
Ten typosquatted npm packages (Jul 4, 2025) delivered a 24MB PyInstaller info stealer using 4 obfuscation layers; ~9,900 ...
The npm packages were available since July, have elaborately obfuscated malicious routines, and rely on a fake CAPTCHA to ...
An advanced malware campaign on the npm registry steals the very keys that control enterprise cloud infrastructure.
The typosquatted packages auto-execute on installation, fingerprint victims by IP, and deploy a PyInstaller binary to harvest ...
How to install Roblox on Windows 11? To install Roblox on your Windows 11/10 PC, visit the https://www.roblox.com/download page in your web browser and click on the ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback