Advertisement · 728 × 90
#
Hashtag
#PhantomRaven
Advertisement · 728 × 90
The New Oil
The New Oil
@thenewoil.org
2 weeks ago
Preview
New PhantomRaven NPM attack wave steals dev data via 88 packages New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.

New #PhantomRaven #NPM attack wave steals dev data via 88 packages

www.bleepingcomputer.com/news/security/new-phanto...

#cybersecurity

0 0 1 0
Checkmarx Zero
Checkmarx Zero
@checkmarxzero.bsky.social
2 weeks ago
Preview
malicious_packages.csv GitHub Gist: instantly share code, notes, and snippets.

🚨 #PhantomRaven update

The Checkmarx Zero research team identified additional malicious npm packages linked to the latest wave of the campaign.

We’re sharing an updated package list (includes previously reported + newly discovered).
📦

0 0 0 0
Endor Labs
Endor Labs
@endorlabs.bsky.social
3 weeks ago
Preview
The Return of PhantomRaven: Detecting Three New Waves of npm Supply Chain Attacks | Blog | Endor Labs Endor Labs security researchers identified 88 malicious open source packages belonging to three new waves of the PhantomRaven campaign.

#PhantomRaven is back 👻🐦‍⬛ We found 3 new waves distributing 88 #maliciouspackages (81 still live on npm). Packages look clean, but a hidden URL in package.json pulls credential-stealing malware.
www.endorlabs.com/learn/return...

0 0 0 0
Checkmarx Zero
Checkmarx Zero
@checkmarxzero.bsky.social
4 months ago
Post image

Seen the news about #PhantomRaven, the NPM malware campaign? Good news: Our Malicious Package Identification API already identifies relevant packages as malicious (see image for one example), and our Malicious Package Protection component has been flagging them during SCA scans. 🧵1/2

0 0 1 0
The Daily Tech Feed
The Daily Tech Feed
@thedailytechfeed.com
5 months ago
Post image

Alert: Over 100 malicious npm packages in the PhantomRaven campaign are stealing GitHub tokens and CI/CD secrets. Developers, stay vigilant! #CyberSecurity #npm #PhantomRaven #DevSecOps Link: thedailytechfeed.com/phantomraven...

1 0 0 0
The Daily Tech Feed
The Daily Tech Feed
@thedailytechfeed.com
5 months ago
Post image

Alert: PhantomRaven attack deploys 126 malicious npm packages, compromising developer credentials. Over 86,000 downloads recorded. Stay vigilant! #CyberSecurity #npm #PhantomRaven #SupplyChainAttack Link: thedailytechfeed.com/phantomraven...

1 0 0 0
気になるITニュース
気になるITニュース
@news-it.bsky.social
5 months ago
Preview
ITちゃんねる 「AIの出力をコピペする開発者」を狙って悪意あるnpmパッケージをインストールさせて情報を盗み取る攻撃手法「PhantomRaven」の存在が判明 #AIの出力をコピペする開発者 #PhantomRaven #ITニュース

「AIの出力をコピペする開発者」を狙って悪意あるnpmパッケージをインストールさせて情報を盗み取る攻撃手法「PhantomRaven」の存在が判明
#AIの出力をコピペする開発者 #PhantomRaven #ITニュース

0 0 0 0
@matricedigitale.bsky.social
5 months ago
Post image

PhantomRaven sfrutta dipendenze invisibili su NPM per rubare credenziali e segreti CI/CD, eludendo controlli statici e ingannando l’AI.

#furtocredenziali #npm #PhantomRaven #RDD
www.matricedigitale.it/2025/10/30/p...

0 0 0 0
Ahmandonk
Ahmandonk
@ahmandonk.bsky.social
5 months ago

📰 Serangan PhantomRaven Banjiri NPM dengan Paket Berbahaya Pencuri Kredensial

👉 Baca artikel lengkap di sini: ahmandonk.com/2025/10/30/phantomraven-...

#ai #security #cybersecurity #github #gitlab #malware #node.js #npm #phantomraven #supply #chain #attack

1 0 0 0
Ars Technica News
Ars Technica News
@arstechni.ca
5 months ago

NPM flooded with malicious packages downloaded more than 86,000 times https://arstechni.ca #codedependencies #coderepositories #phantomraven #Security #Biz&IT #npm

0 0 0 0